GNU Mailutils imap4d <= 0.6 Remote Format String Exploit
Exploit for linux platform in category remote exploits. GNU Mailutils imap4d. Original Reference: http://www.idefense.com/application/poi/display?id=246&type=vulnerabilities email protected:/home/coki/audit$ ./mu-imap4dfsexp GNU Mailutils...
PlatinumFTPserver format string vulnerability ( IHSTeam )
advisory URL : http://www.ihsteam.com/advisory/PlatinumFTPserver.txt IHS Iran Hackers Sabotage Public advisory by : c0d3r "Kaveh Razavi" [email protected] well yesterday a guy found a simple user overflow in PlatinumFTPserver vr : 1.0.18 and prior. I downloaded the package at :...
Berlios gpsd gpsd_report() Function Format String
The remote host is running GPSD, a daemon which monitors a GPS device and publishes its data over the network. The remote version of this software is vulnerable to format string attack due to the way it uses the syslog call. An attacker may exploit this flaw to execute arbitrary code on the remot...
SHOUTcast Server Filename Handling Format String
According to its banner, the version of SHOUTcast Server installed on the remote host is earlier than 1.9.5. Such versions fail to validate requests containing format string specifiers before using them in a call to 'sprintf'. An unauthenticated, remote attacker may be able to exploit this issue ...
CVE-2004-1097
Format string vulnerability in the cherokee_logger_ncsa_write_string function in Cherokee 0.4.17 and earlier, when authenticating via auth_pam, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via format string specifiers in the URL...
HTTP URI Handling Format String
The remote web server seems to be vulnerable to a format string attack on the URI. An attacker might use this flaw to make it crash or even execute arbitrary code on this host. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(15640); script_version("$Revision: 1.19 $");...
HTTP Header Value Remote Format String
The remote web server seems to be vulnerable to a remote format string attack based on the way it responds to a request containing a header whose value includes a format string. An anonymous attacker may be able to leverage this flaw to make the affected service crash or to execute arbitrary code...
HTTP Header Name Remote Format String
The remote web server seems to be vulnerable to a remote format string attack based on the way it responds to a request containing a header whose name includes a format string. An anonymous attacker may be able to leverage this flaw to make the affected service crash or to execute arbitrary code ...
Debian DSA-014-2 : splitvt - buffer overflow and format string attack
It was reported recently that splitvt is vulnerable to numerous buffer overflow attacks and a format string attack. An attacker was able to gain access to the root user id. %NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted fr...
dwhttpd < 4.2 GET Request Remote Format String (deprecated)
Binary data 1506.prm...
OpenFTPD SITE MSG FTP Command Format String
The remote host is running OpenFTPD - an FTP server designed to help file sharing aka 'warez'. Some versions of this server are vulnerable to a remote format string attack that could allow an authenticated attacker to execute arbitrary code on the remote host. Note that Nessus did not actually...
Multiple format string vulnerabilities in cadaver
Background: According to http://www.webdav.org/cadaver, cadaver is a command-line WebDAV client for Unix. It supports file upload, download, on-screen display, namespace operations (move/copy), collection creation and deletion, and locking operations. Description: Cadaver code includes the neon...
lcdproc lcdd 0.x/4.x - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/10085/info LCDproc Server (LCDd) has been reported to be prone to multiple remote vulnerabilities. The first issue is reported to exist in the parse_all_client_messages() function of parse.c, and is due to a lack of sufficient boundary checks performed on...
DreamFTP Server username Remote Format String
The remote DreamFTP server is vulnerable to a format string attack when processing the USER command. An attacker may exploit this flaw to gain a shell on this host. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(12086); script_cve_id("CVE-2004-2074"); script_bugtraq_id(9800);...
BolinTech DreamFTP Server 1.2 (1.02/TryFTP 1.0.0.1) - Remote User Name Format String
include include include include // WIN NT/2K/XP cmd.exe shellcode // kernel32.dll baseaddress calculation: OS/SP-independent // string-save: 00, 0a and 0d free. // portbinding: port 28876 // looping: reconnect after disconnect char shellcode =...
Crashing Unreal 3.1.6 + NO_IDENT_CHECKING ENABLED [http://virulent.port5.com/dosyalar/unreal_en.txt]
CRASHING UNREAL 3.1.6 + NO_IDENT_CHECKING ENABLED. DESCRIPTION OF SOFTWARE: UnrealIRCd is an IRC server based on the branch of IRCu called Dreamforge, formerly used by the DALne...
HD Soft Windows FTP Server 1.51.6 - Username Format String
// source: https://www.securityfocus.com/bid/9385/info It has been reported that Windows FTP Server may be prone to a remote format string vulnerability when processing a malicious request from a client. The vulnerability presents itself...
Multiple Vulnerabilities Sybase Anywhere 9
NGSSoftware Insight Security Research Advisory Name: Multiple Vulnerabilities in Adaptive Server Anywhere Network Server Version 9.0.0 Systems Affected: SQL Anywhere 9 Windows 2000 / XP Have not been verified on UNIX Severity: Critical Vendor URL: http://www.sybase.com Authors: Sherief Hammad...
Tolis Group BRU 17.0 - Local Privilege Escalation (2)
// source: https://www.securityfocus.com/bid/8215/info It has been reported that BRU may not properly parse commandline arguments, potentially leading to at least two vectors of exploitation. It may be possible for local attackers to conduct format string-based attacks as well as buffer...
Tolis Group BRU 17.0 - Local Privilege Escalation (1)
// source: https://www.securityfocus.com/bid/8215/info It has been reported that BRU may not properly parse commandline arguments, potentially leading to at least two vectors of exploitation. It may be possible for local attackers to conduct format string-based attacks as well as buffer...