Lucene search
K

3112 matches found

CVE
CVE
added 2001/01/22 5:0 a.m.55 views

CVE-2000-0995

CVE-2000-0995 describes a format-string vulnerability in the OpenBSD yp_passwd utility (and possibly other BSD-based OSes) that can allow an attacker to gain root privileges via a malformed name. The initial description states the vulnerability and impact; a patch is referenced (028_format_string...

7.2CVSS7.2AI score0.00573EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2001/01/22 5:0 a.m.46 views

CVE-2000-1014

The CVE-2000-1014 entry concerns a format string vulnerability in the search97.cgi CGI script of the SCO help HTTP server for Unixware 7 . The flaw allows remote attackers to execute arbitrary commands through format string characters supplied in the queryText parameter, enabling potential remote...

7.5CVSS8AI score0.11512EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2001/01/22 5:0 a.m.52 views

CVE-2000-1000

Summary: CVE-2000-1000 is a format-string vulnerability in AOL Instant Messenger (AIM) 4.1 and earlier. The issue arises when transferring a file whose name contains format specifiers, which can cause a denial of service and may allow arbitrary command execution. Root cause: format-string handlin...

5CVSS7.7AI score0.02209EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.28 views

CVE-2000-0947

Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command...

7.3AI score0.02525EPSS
Exploits0References5
CVE
CVE
added 2001/01/22 5:0 a.m.58 views

CVE-2000-1044

CVE-2000-1044 concerns a format-string vulnerability in ypbind-mt on SuSE Linux (notably SuSE-6.2) that could allow an attacker to gain root privileges. The vulnerability arises in the handling of format strings in the affected component; no exploitation details are provided in the available docu...

10CVSS6.8AI score0.02449EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.40 views

CVE-2000-0917

Format string vulnerability in usesyslog function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands...

7.3AI score0.78658EPSS
Exploits4References7
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.19 views

CVE-2000-1014

Format string vulnerability in the search97.cgi CGI script in SCO help http server for Unixware 7 allows remote attackers to execute arbitrary commands via format characters in the queryText parameter...

7.6AI score0.11512EPSS
Exploits1References4
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.21 views

CVE-2000-1000

Format string vulnerability in AOL Instant Messenger AIM 4.1.2010 allows remote attackers to cause a denial of service and possibly execute arbitrary commands by transferring a file whose name includes format characters...

7.6AI score0.02209EPSS
Exploits0References3
CVE
CVE
added 2001/01/22 5:0 a.m.48 views

CVE-2000-1010

The CVE is a format-string vulnerability in talkd reported across multiple UNIX-like systems. Affected: IRIX (talkd in /usr/etc/talkd), UnixWare 7.1.1 and Open UNIX 8.0.0 (in.talkd); OpenBSD and possibly other BSDs per the CVE description. Root cause: untrusted user-supplied fields in talkd allow...

10CVSS7.6AI score0.04561EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.26 views

CVE-2000-1040

Format string vulnerability in logging function of ypbind 3.3, while running in debug mode, leaks file descriptors and allows an attacker to cause a denial of service...

6.4AI score0.02516EPSS
Exploits0References9
CVE
CVE
added 2001/01/22 5:0 a.m.59 views

CVE-2000-0917

CVE-2000-0917 describes a format-string vulnerability in LPRng’s use_syslog() in version 3.6.24 (and earlier), enabling remote attackers to execute arbitrary commands. Multiple sources corroborate: Red Hat RHSA-2000-065 notes vulnerability in 3.6.24 and earlier; CERT advisories document the forma...

10CVSS7.4AI score0.78658EPSS
Exploits4References7Affected Software1
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.22 views

CVE-2000-0996

Format string vulnerability in OpenBSD su program and possibly other BSD-based operating systems allows local attackers to gain root privileges via a malformed shell...

6.7AI score0.00537EPSS
Exploits0References3
CVE
CVE
added 2001/01/22 5:0 a.m.56 views

CVE-2000-0993

The CVE-2000-0993 entry describes a format-string vulnerability in the OpenBSD/libutil pw_error(3) function that, when invoked by setuid programs such as chpass, could let a local user gain superuser access. Public details indicate OpenBSD fixed the issue in 2000 within the affected libutil code,...

7.2CVSS6.9AI score0.01671EPSS
Exploits1References6Affected Software3
CVE
CVE
added 2001/01/22 5:0 a.m.48 views

CVE-2000-1004

CVE-2000-1004 documents a format string vulnerability in OpenBSD photurisd. The issue allows local users to execute arbitrary commands via a configuration-file directory name that contains formatting characters. Affected component: photurisd in OpenBSD (specific version details not provided in th...

4.6CVSS7.5AI score0.00356EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2001/01/22 5:0 a.m.46 views

CVE-2000-1043

CVE-2000-1043 describes a format-string vulnerability in the ypserv component (and related ypbind behavior) affecting Mandrake Linux 7.1 and earlier, with potential impact on other Linux systems. The underlying issue is a format-string bug that can allow an attacker to gain root privileges when y...

10CVSS6.8AI score0.01826EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2001/01/22 5:0 a.m.41 views

CVE-2000-0901

The vulnerability CVE-2000-0901 affects the screen program (versions 3.9.5 and earlier). It stems from a format string vulnerability in the vbell_msg initialization, enabling local users to gain root privileges. Exploitation details are not provided in the supplied documents, and a remediation/pa...

4.6CVSS7AI score0.0097EPSS
Exploits1References8Affected Software1
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.29 views

CVE-2000-1010

Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters...

7.6AI score0.04561EPSS
Exploits0References3
CVE
CVE
added 2001/01/22 5:0 a.m.50 views

CVE-2000-0996

CVE-2000-0996: A format-string vulnerability in the OpenBSD su utility (and possibly other BSD-based OSes) allows a local attacker to gain root privileges via a malformed shell. The issue is described in the NVD entry with a CVSS v2 base score of 7.2 (HIGH) and LOCAL, LOW–complexity conditions, e...

7.2CVSS7.1AI score0.00537EPSS
Exploits0References3Affected Software1
exploitpack
exploitpack
added 2001/01/21 12:0 a.m.18 views

Icecast 1.3.71.3.8 - print_client() Format String

Icecast 1.3.71.3.8 - printclient Format String // source: https://www.securityfocus.com/bid/2264/info Versions of icecast up to and including 1.3.8 beta2 exhibit a format string vulnerability in the printclientfunction of utility.c. A malicious user can cause the printf function to overwrite memo...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2001/01/21 12:0 a.m.47 views

Icecast 1.3.7/1.3.8 - 'print_client()' Format String

// source: https://www.securityfocus.com/bid/2264/info Versions of icecast up to and including 1.3.8 beta2 exhibit a format string vulnerability in the printclientfunction of utility.c. A malicious user can cause the printf function to overwrite memory at possibly arbitrary addresses. Exploits...

7.4AI score
Exploits0
Rows per page
Query Builder