Security Update: [CSSA-2003-007.0] Linux: Apache mod_dav module format string vulnerability

To: [email protected] [email protected] [email protected] [email protected] SCO Security Advisory Subject: Linux: Apache moddav module format string vulnerability Advisory number: CSSA-2003-007.0 Issue date: 2003 February 17 Cross reference: 1...

Oracle9i Application Server Format String Vulnerability (#NISR16022003d)

NGSSoftware Insight Security Research Advisory Name: Oracle9i Application Server Format String Vulnerability Systems Affected: All platforms; Oracle9i Application Server Release 9.0.2 Severity: Critical Risk Category: Format String Vulnerability Vendor URL: http://www.oracle.com Author: David...

Some implementations of mod_dav contain a format string vulnerability in "ap_log_rerror()" function

Overview A vulnerability in some implementations of moddav may permit a remote attacker to gain unauthorized access to a web server running moddav. Description moddav is a module designed to provide DAV capabilities for a web server. A format string vulnerability in some implementations may permi...

CVE-2003-0074

Format string vulnerability in mpmain.c for plpnfsd of the plptools package allows remote attackers to execute arbitrary code via the functions 1 debuglog, 2 errorlog, and 3 infolog...

CVE-2003-0074

Format string vulnerability in mpmain.c for plpnfsd of the plptools package allows remote attackers to execute arbitrary code via the functions 1 debuglog, 2 errorlog, and 3 infolog...

CVE-2003-0074

CVE-2003-0074 describes a format-string vulnerability in mpmain.c for the plpnfsd component of the plptools package. The flaw allows remote attackers to execute arbitrary code through (1) debuglog, (2) errorlog, and (3) infolog, as stated in the public records. The connected documents confirm the...

CVE-2003-0060

CVE-2003-0060 describes a format-string vulnerability in the MIT Kerberos V5 KDC logging routines prior to version 1.2.5. The issue allows remote attackers to trigger a denial of service (crash) and, potentially, to execute arbitrary code via format string specifiers in Kerberos principal names. ...

MIT Kerberos V5 KDC logging routines use unsafe format strings

Overview Early releases of the MIT Kerberos V5 KDC contain format string vulnerabilities that can be used by unauthenticated remote attackers to conduct denial of service attacks on KDC servers. Description Logging routines in some unspecified versions of the MIT Kerberos V5 Key Distribution Cent...

plpnfsd format string bug

Format string bug on syslog call...

[VSA0303] Half-Life StatsMe remote (root) hole

void.at Security Advisory VSA0303 Overview ======== "statsme"1 is a popular plugin for the Half-Life Dedicated Server hlds. hlds is not only the server for the most popular online game today, "Counter-Strike", but for many other games too. Two security bugs in statsme make it possible to execute...

StatsMe format string bug

Format string bug in smplayerstats...

Adminmod format string bug

Formatstring bug in multiple command...

[VSA0302] Half-Life Adminmod remote (root) hole

void.at Security Advisory VSA0302 Adminmod1 is a plugin for the "Half-Life Server", hosting the most popular online game today, "Counter-Strike", among others. Overview ======== Due to a format string bug in adminmod, it is possible for a remote attacker who knows the rcon-password to remotely...

[VSA0301] Half-Life Clanmod remote (root) hole

void.at Security Advisory VSA0301 Clanmod1 is a plugin for the "Half-Life Server", hosting the most popular online game today, "Counter-Strike", among others. Overview ======== Due to a format string bug in clanmod, it is possible for a remote attacker who knows the rcon-password to remotely...

[VSA0304] Half-Life Client remote hole via Adminmod plugin

void.at Security Advisory VSA0304 Half-Life is the underlying game for the most popular online game today, "Counter-Strike", and others. Adminmod is a popular plugin to the half-life-server. Overview ======== Due to a format string in the Half-Life client, it is possible for an attacker who has...

Half Life clanmod format string bug

Formst string bug in cmlog command requires rcon access...

Half-Life Client Server Message Format String Vulnerability

...

Half-Life 1.1 Client - Server Message Format String

Half-Life 1.1 Client - Server Message Format String // source: https://www.securityfocus.com/bid/6582/info // It has been reported that the Half-Life client contains a format string vulnerability. When receiving messages from an administrator through the adminmod add-on package, the client does n...

Half-Life AdminMod 2.50 Plugin - Remote Format String

Half-Life AdminMod 2.50 Plugin - Remote Format String // source: https://www.securityfocus.com/bid/6580/info // A format string vulnerability has been discovered in the Half-Life AdminMod plugin. The problem occurs in commands which call the selfmessage function, which is used by other functions ...

Half-Life StatsMe 2.6.x Plugin - MakeStats Format String

// source: https://www.securityfocus.com/bid/6578/info // The Half-Life StatsMe plug-in is prone to an exploitable format string vulnerability. This issue may be exploited by an attacker who can authenticate with the rcon-password of the Half-Life server to execute arbitrary code in the context o...