DSA-529 netkit-telnet-ssl - format string

Bulletin has no description...

apache13-modssl -- format string vulnerability in proxy support

A OpenPKG Security Advisory reports: Triggered by a report to Packet Storm from Virulent, a format string vulnerability was found in modssl, the Apache SSL/TLS interface to OpenSSL, version up to and including 2.8.18 for Apache 1.3. The modssl in Apache 2.x is not affected. The vulnerability coul...

Re: mod_ssl-2.8.18-1.3.31 Format string vulnerability

On Fri, Jul 16, 2004, [email protected] wrote: Thought you might like to look at this if you haven't seen it already. Any feedback on it is appreciated. -Packet Storm ----- Forwarded message from Virulent [email protected] ----- Delivered-To: [email protected]...

Solaris 2.5.1 (sparc) : 112891-01

SunOS 5.5.1: rpc.rwalld has format string problem. Date this patch was last updated by Sun : Jun/14/02 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if...

Solaris 2.5.1 (x86) : 112892-01

SunOS 5.5.1x86: rpc.rwalld has format string problem. Date this patch was last updated by Sun : Jun/14/02 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc...

Solaris 2.6 (x86) : 112894-01

SunOS 5.6x86: rpc.rwalld has format string problem. Date this patch was last updated by Sun : Jun/17/02 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. i...

CVE-2004-0640

CVE-2004-0640 is a format string vulnerability in the SSL_set_verify function of telnetd.c for the SSLtelnet daemon (SSLtelnetd) v0.13 that allows remote code execution. Connected records tie this to netkit-telnet-ssl and related packages (e.g., Debian netkit-telnet-ssl) with advisories noting a ...

CVE-2004-0640

Format string vulnerability in the SSLsetverify function in telnetd.c for SSLtelnet daemon SSLtelnetd 0.13 allows remote attackers to execute arbitrary code...

CVE-2004-0448

Format string vulnerability in the log function for jftpgw 0.13.4 and earlier allows remote authenticated users to execute arbitrary code via format string specifiers in certain syslog messages...

CVE-2004-0448

The CVE-2004-0448 entry describes a format-string vulnerability in the log function of jftpgw 0.13.4 and earlier. The flaw allows remote authenticated users to execute arbitrary code via format string specifiers in certain syslog messages. Documents confirm affected software (jftpgw, an FTP proxy...

FreeBSD : hsftp format string vulnerabilities (68)

The following package needs to be updated: hsftp %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg316e1c9b671c11d89aad000a95bc6fae.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright 2003-20...

FreeBSD : ezbounce remote format string vulnerability (45)

The following package needs to be updated: ezbounce %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkgc480eb5e7f0011d8868e000347dd607f.nasl. Disabled on 2011/10/01. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...

FreeBSD : qpopper format string vulnerability (160)

The following package needs to be updated: qpopper %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkgebdf65c72ca611d893550020ed76ef5a.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...

FreeBSD : Buffer overflows and format string bugs in Emil (39)

The following package needs to be updated: emil %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkgce46b93a80f211d896450020ed76ef5a.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright 2003-200...

FreeBSD : GNU Anubis buffer overflows and format string vulnerabilities (6)

The following package needs to be updated: anubis %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg8471bb856fb011d8873f0020ed76ef5a.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...

FreeBSD : Midnight Commander buffer overflows, format string bugs, and insecure temporary file handling (106)

The following package needs to be updated: mc %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg0c6f3fde9c5111d893660020ed76ef5a.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright 2003-2006...

RHEL 2.1 : metamail (RHSA-2004:073)

Updated metamail packages that fix a number of vulnerabilities are now available. Metamail is a system for handling multimedia mail. Ulf Harnhammar discovered two format string bugs and two buffer overflow bugs in versions of Metamail up to and including 2.7. An attacker could create a...

RHEL 2.1 : mc (RHSA-2004:172)

Updated mc packages that resolve several buffer overflow vulnerabilities, one format string vulnerability and several temporary file creation vulnerabilities are now available. Midnight Commander mc is a visual shell much like a file manager. Several buffer overflows, several temporary file...

RHEL 2.1 : tripwire (RHSA-2004:244)

Updated Tripwire packages that fix a format string security vulnerability are now available. Tripwire is a system integrity assessment tool. Paul Herman discovered a format string vulnerability in Tripwire version 2.3.1 and earlier. If Tripwire is configured to send reports via email, a local use...

RHEL 2.1 : cadaver (RHSA-2004:157)

An updated cadaver package that fixes a vulnerability in neon exploitable by a malicious DAV server is now available. cadaver is a command-line WebDAV client that uses inbuilt code from neon, an HTTP and WebDAV client library. Versions of the neon client library up to and including 0.24.4 have be...