8511 matches found
CVE-2001-0915
Format string vulnerability in Berkeley parallel make pmake 2.1.33 and earlier allows a local user to gain root privileges via format specifiers in the check argument of a shell definition...
CVE-2001-1129
Format string vulnerabilities in 1 probuild, 2 dbutil, 3 mprosrv, 4 mprshut, 5 proapsv, 6 progres, 7 proutil, 8 rfutil and 9 prolib in Progress database 9.1C allows a local user to execute arbitrary code via format string specifiers in the file used by the PROMSGS environment variable...
Ошибка форматной строки в Cyrus-sasl (format string)
Ошибка форматной строки при обращении к syslog,...
NSI RWhoisd contains format string vulnerability in print_error()
Overview A remotely exploitable format string vulnerability exists in the Referral Whois server daemon RWhoisd. Description As the Internet has grown, the centralized whois database was not able to scale. In order to deal with scaling the whois system, Referral Whois was developed. Referral Whois...
RWhoisd remote format string vulnerability
Hello, there is a serious bug in RWhoisd by NSI on all versions. it is possible for a user to supply the format string passed to printerror simpley by using the "-soa" directive. the results are obvious, we can write almost anywhere in the proc's memory thus executing code as the user running...
Network Solutions Rwhoisd -soa Command Remote Format String
The remote rwhois daemon is vulnerable to a format string attack when supplied malformed arguments to a '-soa' request. An attacker may use this flaw to gain a shell on this host. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10790; scriptversion "1.16";...
Ошибки форматной строки в nvi (format string)
No description provided...
[SECURITY] [DSA 085-1] New nvi packages fix format string vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 085-1 [email protected] http://www.debian.org/security/ Martin Schulze October 20th, 2001 -...
[SECURITY] [DSA 085-1] New nvi packages fix format string vulnerability
-------------------------------------------------------------------------- Debian Security Advisory DSA 085-1 [email protected] http://www.debian.org/security/ Martin Schulze October 20th, 2001 - -------------------------------------------------------------------------- Package : nvi, nvi-m17n...
CVE-2001-0740
3COM OfficeConnect 812 and 840 ADSL Router 4.2, running OCR812 router software 1.1.9 and earlier, allows remote attackers to cause a denial of service via a long string containing a large number of "%s" strings, possibly triggering a format string vulnerability...
CVE-2001-0789
Format string vulnerability in avpkeeper in Kaspersky KAV 3.5.135.2 for Sendmail allows remote attackers to cause a denial of service or possibly execute arbitrary code via a malformed mail message...
Common Desktop Environment (CDE) ToolTalk RPC Server rpc.ttdbserverd contains format string vulnerability
Overview A vulnerability exists in CDE ToolTalk that may allow a remote attacker to execute arbitrary code with root privileges. Description Internet Security Systems ISS X-Force has discovered a format string vulnerability in the Common Desktop Environment CDE ToolTalk Remote Procedure Call RPC...
Ошибка форматной строки в ToolTalk rpc.ttdbserverd (format string)
Позволяет получить привилегии root...
hylafax
There are some format strings vulnerbilities in the lastest hylafax package try faxrm -h x 1 or faxalter -h x -D 1 for "proof of concept". Both faxrm and faxalter are installed setuid uucp on FreeBSD installed from port collection. uid uucp is not that exciting but with some luck you'll find uucp...
CVE-2001-1034
Format string vulnerability in Hylafax on FreeBSD allows local users to execute arbitrary code via format specifiers in the -h hostname argument for 1 faxrm or 2 faxalter...
CVE-2001-1034
Format string vulnerability in Hylafax on FreeBSD allows local users to execute arbitrary code via format specifiers in the -h hostname argument for 1 faxrm or 2 faxalter...
DEBIAN-CVE-2001-1034
Format string vulnerability in Hylafax on FreeBSD allows local users to execute arbitrary code via format specifiers in the -h hostname argument for 1 faxrm or 2 faxalter...
CVE-2001-0690
Format string vulnerability in exim 3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers...
CVE-2001-0489
The CVE-2001-0489 entry concerns gftp before version 2.0.8, where a printf/format string vulnerability in the logging of network data allows a remote FTP server to cause arbitrary commands to be executed. Affected component is the gftp client; root cause is unsafe handling of data received from t...
CVE-2001-0155
Format string vulnerability in VShell SSH gateway 1.0.1 and earlier allows remote attackers to execute arbitrary commands via a user name that contains format string specifiers...