8515 matches found
AOL Instant Messenger vulnerable to denial of service via crafted file name
Overview AOL Instant Messenger AIM 4.1 and prior are vulnerable to a denial of service vulnerability. A denial of service occurs when filenames that contain a "%s" are sent to a victim. Description AOL Instant Messenger AIM is a program for communicating with other users over the Internet. AIM...
iXsecurity.20020314.csadmin_fmt.a
iXsecurity Security Vulnerability Report No: iXsecurity.20020314.csadminfmt.a ======================================== Vulnerability Summary --------------------- Problem: Cisco Secure ACS webserver has a format string vulnerability. Threat: An attacker could send an "invalid" URL to the webserve...
Directory traversal and format string bug in Cisco Secure ACS
Any html, htm, class, jpg, jpeg or gif files can be remotely accessed. Format string bug can lead to remote server compromise...
GnuPG contains format-string vulnerability in handling of encrypted data filename
Overview Some versions of Gnu Privacy Guard GPG contain a format-string vulnerability from improper handling of filenames when decrypting files. Description GPG is an OpenPGP-compliant alternative to PGP to protect electronic communications using public-key cryptography. Versions of GPG prior to...
Format String Bug in Posadis DNS Server
Date: Mar 27 02 Me: kkr [email protected] Software: Posadis DNS Server http://sourceforge.net/projects/posadis/ Ver: m5pre1 Bug: bad fmt string usage in log function, may lead to remote access Word Life: the warez dude Overview: Posadis dns server is a small dns server without cache or resolving...
Bypassing libsafe format string protection
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Name: libsafe Version: up to 2.0-11 URL: http://www.research.avayalabs.com/project/libsafe/ Author: Wojciech Purczyсski [email protected] Date: March 14, 2002 Issue: ====== Libsafe provides ineffective protection against format string exploit attacks that...
format string vulnerability protection bypass in libsafe
Not all of possible converion flags are processed...
CVE-2001-1129
Format string vulnerabilities in 1 probuild, 2 dbutil, 3 mprosrv, 4 mprshut, 5 proapsv, 6 progres, 7 proutil, 8 rfutil and 9 prolib in Progress database 9.1C allows a local user to execute arbitrary code via format string specifiers in the file used by the PROMSGS environment variable...
CVE-2001-1208
Format string vulnerability in DayDream BBS allows remote attackers to execute arbitrary code via format string specifiers in a file containing a RA control code...
CVE-2001-1129
The CVE-2001-1129 entry covers multiple components of Progress database 9.1C (probuild, dbutil, mprosrv, mprshut, proapsv, progres, proutil, rfutil, and prolib). The vulnerability is a local format-string flaw in the PROMSGS environment file that allows a local user to execute arbitrary code. The...
CVE-2001-1208
CVE-2001-1208 describes a format-string vulnerability in DayDream BBS that allows remote code execution via format specifiers in a file containing a ~#RA control code. The entry lists a base score of 7.5 (HIGH) with network attack vector, low attack complexity, and no authentication required. The...
FreeBSD-SA-02:15.cyrus-sasl
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:15 Security Advisory FreeBSD, Inc. Topic: cyrus-sasl library contains format string vulnerability Category: ports Module: cyrus-sasl Announced: 2002-03-12 Credits: Kari...
CVE-2000-0741
Format string vulnerability in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to execute arbitrary code via format strings in a URL with a .XUDA extension...
CVE-2001-0740
CVE-2001-0740 affects 3COM OfficeConnect 812/840 ADSL Router with OCR812 router software version 1.1.9 and earlier. The vulnerability is a potential format string flaw triggered by a long string containing many "%s" sequences, which can cause a denial of service via remote access. The connected d...
CVE-2001-0879
CVE-2001-0879 describes a format-string vulnerability in the C runtime functions used by Microsoft SQL Server 7.0 and 2000. The underlying issue is a format string handling flaw in the C runtime, which can allow an attacker to trigger a denial of service. The available connected documents confirm...
CVE-2001-0690
CVE-2001-0690 describes a format-string vulnerability in Exim in batched SMTP mode that can let an unauthenticated remote attacker execute arbitrary code via format strings in SMTP headers. The entry specifies affected Exim versions: 3.22-10 (Red Hat), 3.12 (Debian), and 3.16 (Conectiva). Attack ...
CVE-2001-0522
Format string vulnerability in Gnu Privacy Guard aka GnuPG or gpg 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file...
CVE-2001-0740
3COM OfficeConnect 812 and 840 ADSL Router 4.2, running OCR812 router software 1.1.9 and earlier, allows remote attackers to cause a denial of service via a long string containing a large number of "%s" strings, possibly triggering a format string vulnerability...
CVE-2000-0699
The CVE-2000-0699 entry concerns HP-UX 10.20’s ftpd with a format-string vulnerability in the PASS command. The underlying flaw allows a remote attacker to cause a denial of service or execute arbitrary commands through crafted PASS input, potentially enabling shell access as indicated by Nessus ...
CVE-2001-0522
The CVE-2001-0522 issue concerns GnuPG (GPG) versions 1.0.5 and earlier, where a format-string vulnerability in the do_get/tty_printf flow exposes the original encrypted-file filename to format-string processing. This can allow code execution with the privileges of the user decrypting the file. T...