Tolis Group BRU 17.0 - Local Root Exploit (1)

No description provided by source. source: http://www.securityfocus.com/bid/8215/info It has been reported that BRU may not properly parse commandline arguments, potentially leading to at least two vectors of exploitation. It may be possible for local attackers to conduct format string-based...

Exim 3.x Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2828/info Exim is a free, open-source Mail Transfer Agent for Unix systems. Exim is vulnerable to a locally exploitable format string attack which may compromise root access. The vulnerability exists only when the 'syntax...

GNU Mailutils imap4d 0.6 - Remote Format String Exploit (exec-shield)

No description provided by source. / Fedora Core 6 exec-shield based GNU imap4d mailutils-0.6 search remote format string exploit by Xpl017Elz Advanced exploitation in exec-shield Fedora Core case study URL: http://x82.inetcop.org/h0me/papers/FCexploit/FCexploit.txt Reference:...

minerCPP 0.4b Remote BOF+Format String Attack Exploit

No description provided by source. !/usr/bin/env python minerCPP 0.4b Remote BOF+Format String Attack Exploit Software Link: http://sourceforge.net/projects/minercpp/ Author: l3D Sites: http://xraysecurity.blogspot.com, http://nullbyte.org.il IRC: irc://irc.nix.co.il Email: [email protected]...

id Software Doom 3 Engine Console String Visualization Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25893/info id Software Doom 3 engine is prone to a format-string vulnerability. Exploiting this issue will allow attackers to execute arbitrary code with the permissions of a user running the application. Failed attacks...

kernel: ext3: format string issues

fs/ext3/super.c in the Linux kernel before 3.8.4 uses incorrect arguments to functions in certain circumstances related to printk input, which allows local users to conduct format-string attacks and possibly gain privileges via a crafted application...

CVE-2013-1848

fs/ext3/super.c in the Linux kernel before 3.8.4 uses incorrect arguments to functions in certain circumstances related to printk input, which allows local users to conduct format-string attacks and possibly gain privileges via a crafted application...

UBUNTU-CVE-2013-1848

fs/ext3/super.c in the Linux kernel before 3.8.4 uses incorrect arguments to functions in certain circumstances related to printk input, which allows local users to conduct format-string attacks and possibly gain privileges via a crafted application...

glibc: FORTIFY_SOURCE format string protection bypass via "nargs" integer overflow

Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFYSOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments...

PT-2013-1211 · Gnu +3 · Glibc +3

Name of the Vulnerable Software and Affected Versions: glibc versions prior to 2.15-r3 Description: The issue concerns multiple vulnerabilities in the glibc package, which can lead to breaches of confidentiality, integrity, and availability of protected information. Exploitation can occur locally...

MySQL < 4.1.21 / 5.0 Denial of Service

The version of MySQL installed on the remote host is earlier than 4.1.21 / 5.0 and reportedly allows a remote, authenticated user to crash the server via a format string attack. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid17800; scriptversion"1.4";...

FreeBSD : Exim -- remote code execution and information disclosure (36594c54-7be7-11e0-9838-0022156e8794)

Release notes for Exim 4.76 says : Bugzilla 1106: CVE-2011-1764 - DKIM log line was subject to a format-string attack -- SECURITY: remote arbitrary code execution. DKIM signature header parsing was double-expanded, second time unintentionally subject to list matching rules, letting the header cau...

Exim -- remote code execution and information disclosure

Release notes for Exim 4.76 says: Bugzilla 1106: CVE-2011-1764 - DKIM log line was subject to a format-string attack -- SECURITY: remote arbitrary code execution. DKIM signature header parsing was double-expanded, second time unintentionally subject to list matching rules, letting the header caus...

Debian Security Advisory DSA 2065-1 (kvirc)

The remote host is missing an update to kvirc announced via advisory DSA 2065-1. OpenVAS Vulnerability Test $Id: deb20651.nasl 6614 2017-07-07 12:09:12Z cfischer $ Description: Auto-generated from advisory DSA 2065-1 kvirc Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...

Debian: Security Advisory (DSA-2065-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

minerCPP 0.4b Buffer Overflow / Format String

!/usr/bin/env python minerCPP 0.4b Remote BOF+Format String Attack Exploit Software Link: http://sourceforge.net/projects/minercpp/ Author: l3D Sites: http://xraysecurity.blogspot.com, http://nullbyte.org.il IRC: irc://irc.nix.co.il Email: [email protected] Tested on Windows 7 In order to make...

minerCPP 0.4b - Remote Buffer Overflow Format String

minerCPP 0.4b - Remote Buffer Overflow Format String !/usr/bin/env python minerCPP 0.4b Remote BOF+Format String Attack Exploit Software Link: http://sourceforge.net/projects/minercpp/ Author: l3D Sites: http://xraysecurity.blogspot.com, http://nullbyte.org.il IRC: irc://irc.nix.co.il Email:...

minerCPP 0.4b - Remote Buffer Overflow / Format String

!/usr/bin/env python minerCPP 0.4b Remote BOF+Format String Attack Exploit Software Link: http://sourceforge.net/projects/minercpp/ Author: l3D Sites: http://xraysecurity.blogspot.com, http://nullbyte.org.il IRC: irc://irc.nix.co.il Email: [email protected] Tested on Windows 7 In order to make...

Debian DSA-2065-1 : kvirc - several vulnerabilities

Two security issues have been discovered in the DCC protocol support code of kvirc, a KDE-based next generation IRC client, which allow the overwriting of local files through directory traversal and the execution of arbitrary code through a format string attack. %NASLMINLEVEL 70300 C Tenable...

[SECURITY] [DSA 2065-1] New kvirc packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-2065-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 27, 2010 http://www.debian.org/security/faq -...