3114 matches found
CVE-2001-1566
Format string vulnerability in libvanessalogger 0.0.1 in Perdition 0.1.8 allows remote attackers to execute arbitrary code via format string specifiers in the vanessaloggerlog function...
DEBIAN-CVE-2001-1562
Format string vulnerability in nvi before 1.79 allows local users to gain privileges via format string specifiers in a filename...
[SECURITY] [DSA-095-1] gpm (gpm-root) format string vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-095-1 [email protected] http://www.debian.org/security/ Robert van der Meulen December 27, 2001 - ------------------------------------------------------------------------ Package : gpm Problem...
CVE-2001-1203
Format string vulnerability in gpm-root in gpm 1.17.8 through 1.17.18 allows local users to gain root privileges...
CVE-2001-0869
Format string vulnerability in the default logging callback function saslsyslog in common.c in Cyrus SASL library cyrus-sasl may allow remote attackers to execute arbitrary commands...
CVE-2001-0879
Format string vulnerability in the C runtime functions in SQL Server 7.0 and 2000 allows attackers to cause a denial of service...
CVE-2001-1215
Format string vulnerability in PFinger 0.7.5 through 0.7.7 allows remote attackers to execute arbitrary code via format string specifiers in a .plan file...
GnuPG format string vulnerability in do_get() in ttyio.c while prompting for a new filename
Overview There is a format string vulnerability in GNU Privacy Guard. By sending a GPG message with a carefully crafted malicious filename, an attacker may be able to execute arbitrary code as the user who decrypts the message. Description GNU Privacy Guard GPG is a free, RFC2440 compliant...
CVE-2001-0838
Format string vulnerability in Network Solutions Rwhoisd 1.5.x allows remote attackers to execute arbitrary code via format string specifiers in the -soa command...
WU-FTPD configured to use RFC 931 authentication running in debug mode contains format string vulnerability
Overview WU-FTPD contains a format string vulnerability that manifests when WU-FTPD is configured to use RFC 931 authentication and is run in debug mode. A crafted identd response could be used to execute arbitrary code on a vulnerable server. Description A format string vulnerability exists in t...
CVE-2001-0927
Format string vulnerability in the permitted function of GNOME libgtopdaemon in libgtop 1.0.12 and earlier allows remote attackers to execute arbitrary code via an argument that contains format specifiers that are passed into the 1 syslogmessage and 2 syslogiomessage functions...
[CERT-intexxia] Auto Nice Daemon Format String Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SECURITY ADVISORY INTEXXIAc 26 11 2001 ID 1047-231101 TITLE : Auto Nice Daemon Format String Vulnerability CREDITS : Guillaume Pelat / INTEXXIA SYSTEM AFFECTED =============== AND = 1.0.4 DESCRIPTION =========== Auto Nice Daemon is vulnerable to a...
CVE-2001-0920
Format string vulnerability in auto nice daemon AND 1.0.4 and earlier allows a local user to possibly execute arbitrary code via a process name containing a format string...
CVE-2001-0913
Format string vulnerability in Network Solutions Rwhoisd 1.5.7.2 and earlier, when using syslog, allows remote attackers to corrupt memory and possibly execute arbitrary code via a rwhois request that contains format specifiers...
CVE-2001-0915
Format string vulnerability in Berkeley parallel make pmake 2.1.33 and earlier allows a local user to gain root privileges via format specifiers in the check argument of a shell definition...
CVE-2001-1129
Format string vulnerabilities in 1 probuild, 2 dbutil, 3 mprosrv, 4 mprshut, 5 proapsv, 6 progres, 7 proutil, 8 rfutil and 9 prolib in Progress database 9.1C allows a local user to execute arbitrary code via format string specifiers in the file used by the PROMSGS environment variable...
NSI RWhoisd contains format string vulnerability in print_error()
Overview A remotely exploitable format string vulnerability exists in the Referral Whois server daemon RWhoisd. Description As the Internet has grown, the centralized whois database was not able to scale. In order to deal with scaling the whois system, Referral Whois was developed. Referral Whois...
[SECURITY] [DSA 085-1] New nvi packages fix format string vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 085-1 [email protected] http://www.debian.org/security/ Martin Schulze October 20th, 2001 -...
[SECURITY] [DSA 085-1] New nvi packages fix format string vulnerability
-------------------------------------------------------------------------- Debian Security Advisory DSA 085-1 [email protected] http://www.debian.org/security/ Martin Schulze October 20th, 2001 - -------------------------------------------------------------------------- Package : nvi, nvi-m17n...
CVE-2001-0789
Format string vulnerability in avpkeeper in Kaspersky KAV 3.5.135.2 for Sendmail allows remote attackers to cause a denial of service or possibly execute arbitrary code via a malformed mail message...