3112 matches found
CVE-2001-0387
Format string vulnerability in hfaxd in HylaFAX before 4.1.b22 allows local users to gain privileges via the -q command line argument...
CVE-2001-0359
Format string vulnerability in Sierra Half-Life build 1573 and earlier allows a remote attacker to execute arbitrary code via the map command...
CVE-2001-0489
Format string vulnerability in gftp prior to 2.0.8 allows remote malicious FTP servers to execute arbitrary commands...
eXtremail 1.x2.1 - Remote Format String (1)
eXtremail 1.x2.1 - Remote Format String 1 // source: https://www.securityfocus.com/bid/2908/info eXtremail is a freeware SMTP server available for Linux and AIX. eXtremail contains a format-string vulnerability in its logging mechanism. Attackers can send SMTP commands argumented with maliciously...
SECURITY.NNOV: KAV (AVP) for sendmail format string vulnerability
Hello , Topic: Format string vulnerability in AVP for sendmail Author: 3APA3A [email protected] Affected Software: KAV for sendmail 3.5.135.2 Vendor: Kaspersky Lab Vendor Notified: 30 May 2001 Risk: High/Average Remotely Exploitable: Yes Impact: DoS/Remote root compromise Released: 06 June...
CVE-2001-0155
Format string vulnerability in VShell SSH gateway 1.0.1 and earlier allows remote attackers to execute arbitrary commands via a user name that contains format string specifiers...
GNU Privacy Guard 1.0.x - Format String
GNU Privacy Guard 1.0.x - Format String source: https://www.securityfocus.com/bid/2797/info GnuPG is a popular open source public/private key encryption system. It is possible for attackers to create an encrypted document that will exploit a format string vulnerability in the GnuPG client when th...
CVE-2001-0359
Format string vulnerability in Sierra Half-Life build 1573 and earlier allows a remote attacker to execute arbitrary code via the map command...
EUVD-2001-0013
Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges...
CVE-2001-0197
CVE-2001-0197 affects the Icecast server: vulnerable in the print_client function for Icecast versions 1.3.8beta2 and earlier. The issue is a format-string vulnerability that allows remote attackers to execute arbitrary commands. The Debian advisory notes fixes in Icecast 1.3.10-1, indicating a p...
CVE-2001-0318
CVE-2001-0318 corresponds to a format-string vulnerability in ProFTPD 1.2.0rc2 that could allow an attacker to execute arbitrary commands by shutting down the FTP server while a malformed working directory (cwd) is in use. The vulnerability is remote and unauthenticated per the CVSS data, with At...
CVE-2001-0197
Format string vulnerability in printclient in icecast 1.3.8beta2 and earlier allows remote attackers to execute arbitrary commands...
CVE-2001-0318
Format string vulnerability in ProFTPD 1.2.0rc2 may allow attackers to execute arbitrary commands by shutting down the FTP server while using a malformed working directory cwd...
CVE-2001-0193
CVE-2001-0193 describes a format-string vulnerability in the man page viewer, observed in some Linux distributions via the -l parameter, enabling local privilege escalation. Connected documents identify Debian as affected via the man-db package and reference Debian Security Advisory DSA-028-1, wh...
CVE-2001-0060
Format string vulnerability in stunnel 3.8 and earlier allows attackers to execute arbitrary commands via a malformed ident username...
CVE-2001-0013
Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges...
CVE-2001-0193
Format string vulnerability in man in some Linux distributions allows local users to gain privileges via a malformed -l parameter...
CVE-2001-0111
CVE-2001-0111 : The vulnerability affects the splitvt utility (before 1.6.5). It is a format-string flaw that can allow a local attacker to run arbitrary commands via the -rcfile argument. Debian’s DSA-014-2 describes a buffer overflow/format-string attack with root access risk; remediation is up...
CVE-2001-0060
CVE-2001-0060 affects stunnel up to version 3.8 and earlier. The vulnerability is a format-string flaw in handling the ident username, enabling an attacker to execute arbitrary commands. Connected advisories reference Debian DSA 009-1 and indicate the need to update/stabilize stunnel; no exploit ...
CVE-2001-0218
Format string vulnerability in marsnwe 0.99.pl19 allows remote attackers to execute arbitrary commands...