kpopup -- local root exploit and local denial of service

Mitre CVE reports: Format string vulnerability in main.cpp in kpopup 0.9.1-0.9.5pre2 allows local users to cause a denial of service segmentation fault and possibly execute arbitrary code via format string specifiers in command line arguments. misc.cpp in KPopup 0.9.1 trusts the PATH variable whe...

Linux groff utility pic contains format string vulnerability

Overview The pic component of the image processing package groff contains a format string vulnerability that could allow a remote attacker to execute arbitrary code. Description groff is an image processing package on Linux systems. A component of groff called pic contains a format-string...

CVE-2001-1411

Format string vulnerability in gm4 aka m4 on Mac OS X may allow local users to gain privileges if gm4 is called by setuid programs...

CVE-2003-0852

This CVE affects Sylpheed-claws 0.9.4–0.9.6, with a vulnerability in the send_message.c routine caused by format strings in an error message. This format-string vulnerability could be exploited by a remote SMTP server to cause a denial of service (crash) in Sylpheed. The connected documents do no...

CVE-2003-0852

Format string vulnerability in sendmessage.c for Sylpheed-claws 0.9.4 through 0.9.6 allows remote SMTP servers to cause a denial of service crash in sylpheed via format strings in an error message...

CVE-2001-1411

CVE-2001-1411 describes a format string vulnerability in gm4 (m4) on Mac OS X. The flaw may allow local users to gain privileges if gm4 is executed by setuid programs. The vulnerability is triggered through improper handling of format strings in gm4, leading to potential privilege escalation. The...

[Full-Disclosure] Sylpheed-claws format string bug, yet still sylpheed much better than windows

Georgi Guninski security advisory 61, 2003 Sylpheed-claws format string bug, yet still sylpheed much better than windows Systems affected: Sylpheed-claws 0.9.6 - 0.9.4 Fixed in CVS Risk: Medium Date: 22 October 2003 Legal Notice: This Advisory is Copyright c 2003 Georgi Guninski. You may distribu...

Sylpheed-claws format string bug

Format string bug in SMTP client code...

CVE-2003-0843

CVE-2003-0843 concerns a format-string vulnerability in mod_gzip_printf within mod_gzip (v1.3.26.1a and earlier, possibly later builds) when running in debug mode and handling HTTP requests with Accept-Encoding: gzip. A remote attacker can cause arbitrary code execution by supplying format-string...

CVE-2003-0843

Format string vulnerability in modgzipprintf for modgzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode and using the Apache log, allows remote attackers to execute arbitrary code via format string characters in an HTTP GET request with an "Accept-Encoding...

CVE-2003-0697

Format string vulnerability in lpd in the bos.rte.printers fileset for AIX 4.3 through 5.2, with debug enabled, allows local users to cause a denial of service crash or gain root privileges...

CVE-2003-0784

Format string vulnerability in tsm for the bos.rte.security fileset on AIX 5.2 allows remote attackers to gain root privileges via login, and local users to gain privileges via login, su, or passwd, with a username that contains format string specifiers...

Half Life client format string bug

If adminmod installed using adminpsay command leads to format string bug...

Format string bug in Half-Life client, but is it really exploitable???

Hey, some weeks ago I found a format string bug in the Half-Life client. The bug happens when an unknown command is used and the game returns a string like the following: x02Unknown command: wrongcommandusedn | | | | | | | line feed | | command used exactly what has been written in the | | consol...

Half-Life 1.1 - Invalid Command Error Response Format String

Half-Life 1.1 - Invalid Command Error Response Format String source: https://www.securityfocus.com/bid/8730/info It has been reported that Half-Life clients may be prone to a format string vulnerability. The problem occurs when an invalid command is issued to the server, and an error response is...

Half-Life 1.1 - Invalid Command Error Response Format String

source: https://www.securityfocus.com/bid/8730/info It has been reported that Half-Life clients may be prone to a format string vulnerability. The problem occurs when an invalid command is issued to the server, and an error response is returned and displayed by the client. If a format specifier...

CVE-2003-0784

Format string vulnerability in tsm for the bos.rte.security fileset on AIX 5.2 allows remote attackers to gain root privileges via login, and local users to gain privileges via login, su, or passwd, with a username that contains format string specifiers...

CVE-2003-0697

CVE-2003-0697 describes a format string vulnerability in the lpd component within the bos.rte.printers fileset on AIX 4.3–5.2, reportedly triggered when debug is enabled. The flaw allows local users to cause a denial of service (crash) and could potentially escalate to root privileges. Affected s...

CVE-2003-0697

Format string vulnerability in lpd in the bos.rte.printers fileset for AIX 4.3 through 5.2, with debug enabled, allows local users to cause a denial of service crash or gain root privileges...

CVE-2003-0784

The entries describe a Format string vulnerability in the tsm package (bos.rte.security fileset) on AIX 5.2. The root cause is a format string flaw that can be exploited to gain root privileges via login (remote) and to gain privileges locally via login, su, or passwd when a username contains for...