eXtremail 1.x/2.1 - Remote Format String (1)

// source: https://www.securityfocus.com/bid/2908/info eXtremail is a freeware SMTP server available for Linux and AIX. eXtremail contains a format-string vulnerability in its logging mechanism. Attackers can send SMTP commands argumented with maliciously constructed arguments that will exploit...

eXtremail 1.x/2.1 - Remote Format String (2)

// source: https://www.securityfocus.com/bid/2908/info eXtremail is a freeware SMTP server available for Linux and AIX. eXtremail contains a format-string vulnerability in its logging mechanism. Attackers can send SMTP commands argumented with maliciously constructed arguments that will exploit...

SECURITY.NNOV: KAV (AVP) for sendmail format string vulnerability

Hello , Topic: Format string vulnerability in AVP for sendmail Author: 3APA3A [email protected] Affected Software: KAV for sendmail 3.5.135.2 Vendor: Kaspersky Lab Vendor Notified: 30 May 2001 Risk: High/Average Remotely Exploitable: Yes Impact: DoS/Remote root compromise Released: 06 June...

Ошибка форматной строки в KAV (AVP) для sendmail (format string)

Ошибка в avpkeeper при работе с syslog...

Ошибка форматной строки в at из Solaris (NLS format string)

Ошибка форматной строки при работе с NLS...

Ошибка форматной строки в exim

Ошибка форматной строки при включеной опции headerschecksyntax...

KAV (AVP) for sendmail format string

Topic: Format string vulnerability in AVP for sendmail Author: 3APA3A Affected Software: KAV for sendmail 3.5.135.2 Vendor: Kaspersky Lab Vendor Notified: 30 May 2001 Risk: High/Average Remotely Exploitable: Yes Impact: DoS/Remote root compromise Released: 06 June 2001 Vendor URL:...

Exim 3.x - Format String

Exim 3.x - Format String source: https://www.securityfocus.com/bid/2828/info Exim is a free, open-source Mail Transfer Agent for Unix systems. Exim is vulnerable to a locally exploitable format string attack which may compromise root access. The vulnerability exists only when the 'syntax checking...

Exim 3.x - Format String

source: https://www.securityfocus.com/bid/2828/info Exim is a free, open-source Mail Transfer Agent for Unix systems. Exim is vulnerable to a locally exploitable format string attack which may compromise root access. The vulnerability exists only when the 'syntax checking' mode is turned on, whic...

CVE-2001-0155

Format string vulnerability in VShell SSH gateway 1.0.1 and earlier allows remote attackers to execute arbitrary commands via a user name that contains format string specifiers...

GNU Privacy Guard 1.0.x - Format String

GNU Privacy Guard 1.0.x - Format String source: https://www.securityfocus.com/bid/2797/info GnuPG is a popular open source public/private key encryption system. It is possible for attackers to create an encrypted document that will exploit a format string vulnerability in the GnuPG client when th...

GNU Privacy Guard 1.0.x - Format String

source: https://www.securityfocus.com/bid/2797/info GnuPG is a popular open source public/private key encryption system. It is possible for attackers to create an encrypted document that will exploit a format string vulnerability in the GnuPG client when the document is decrypted. This...

CVE-2001-0359

Format string vulnerability in Sierra Half-Life build 1573 and earlier allows a remote attacker to execute arbitrary code via the map command...

CVE-2001-0197

Format string vulnerability in printclient in icecast 1.3.8beta2 and earlier allows remote attackers to execute arbitrary commands...

CVE-2001-0218

Format string vulnerability in marsnwe 0.99.pl19 allows remote attackers to execute arbitrary commands...

CVE-2001-0111

CVE-2001-0111 : The vulnerability affects the splitvt utility (before 1.6.5). It is a format-string flaw that can allow a local attacker to run arbitrary commands via the -rcfile argument. Debian’s DSA-014-2 describes a buffer overflow/format-string attack with root access risk; remediation is up...

EUVD-2001-0013

Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges...

CVE-2001-0193

CVE-2001-0193 describes a format-string vulnerability in the man page viewer, observed in some Linux distributions via the -l parameter, enabling local privilege escalation. Connected documents identify Debian as affected via the man-db package and reference Debian Security Advisory DSA-028-1, wh...

CVE-2001-0060

CVE-2001-0060 affects stunnel up to version 3.8 and earlier. The vulnerability is a format-string flaw in handling the ident username, enabling an attacker to execute arbitrary commands. Connected advisories reference Debian DSA 009-1 and indicate the need to update/stabilize stunnel; no exploit ...

CVE-2001-0060

Format string vulnerability in stunnel 3.8 and earlier allows attackers to execute arbitrary commands via a malformed ident username...