3112 matches found
CVE-2000-0950
Format string vulnerability in x-gw in TIS Firewall Toolkit FWTK allows local users to execute arbitrary commands via a malformed display name...
CVE-2000-0918
The CVE-2000-0918 entry describes a format string vulnerability in KDE's kvt component (version 1.1.2) that may allow local users to execute arbitrary commands via a DISPLAY environment variable containing formatting characters. The affected software is KDE 1.1.2; root cause is unsafe format-stri...
CVE-2000-0998
CVE-2000-0998 describes a format-string vulnerability in the top program that allows local attackers to gain root privileges via the kill or renice functions. The connected documents confirm the vulnerability description but do not provide concrete exploitation details, affected product versions,...
BFTPd - 'vsprintf()' Format Strings
/ Copyright c 2000 - Security.is The following material may be freely redistributed, provided that the code or the disclaimer have not been partly removed, altered or modified in any way. The material is the property of security.is. You are allowed to adopt the represented code in your programs,...
Solaris/SPARC 2.7 / 7 locale - Format String
/ Exploit for the locale format string vulnerability in Solaris/SPARC 2.7 / 7 Based on the exploit by Warning3 For additional information see http://www.phreedom.org/solar/localesol.txt By Solar Eclipse Assistant Editor, Phreedom Magazine http://www.phreedom.org 10 Oct 2000 / include include defi...
Security Advisory: FreeBSD-SA-00:62.top
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:62 Security Advisory FreeBSD, Inc. Topic: top allows reading of kernel memory Category: core Module: top Announced: 2000-11-01 Credits: [email protected] via OpenBSD...
Solaris 2.6/7.0 /locale - Subsystem Format String
/ source: https://www.securityfocus.com/bid/1634/info nectiva 4.x/5.x,Debian 2.x,IBM AIX 3.x/4.x,Mandrake 7,RedHat 5.x/6.x,IRIX 6.x, Solaris 2.x/7/8,Turbolinux 6.x,Wirex Immunix OS 6.2 Locale Subsystem Format String Many UNIX operating systems provide internationalization support according to the...
FreeBSD 3.54.x - usrbintop Format String
FreeBSD 3.54.x - usrbintop Format String / source: https://www.securityfocus.com/bid/1895/info top is a program used to display system usage statistics in real time written by GoupSys Consulting but shipped by default as a core component with many operating systems. On BSD systems, top is install...
FreeBSD 3.5/4.x - '/usr/bin/top' Format String
/ source: https://www.securityfocus.com/bid/1895/info top is a program used to display system usage statistics in real time written by GoupSys Consulting but shipped by default as a core component with many operating systems. On BSD systems, top is installed setgid kmem so that it may read proces...
FreeBSD-SA-00:62.top
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:62 Security Advisory FreeBSD, Inc. Topic: top allows reading of kernel memory REISSUED Category: core Module: top Announced: 2000-11-01 Reissued: 2000-11-06 Credits:...
Серьезная дырка воо всех утилитах семейства chpass
Утилиты chfn/chpass/chsh/ypchfn/ypchpass/ypchsh/passwd содержат уязвимость форматной строки...
Solsoft NSM Format Strings RCE
The Solsoft NSM application running on the remote host is affected by multiple flaws in ulm logging related to format string processing. An unauthenticated, remote attacker can exploit these to execute arbitrary code. C Tenable Network Security, Inc. include"compat.inc"; if description...
Дырка в libutil (passwd format-string bugs)
Ошибка форматной строки в функции pwerror...
CVE-2000-0741
Format string vulnerability in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to execute arbitrary code via format strings in a URL with a .XUDA extension...
CVE-2000-0733
Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-TELOPTENVIRON request...
ntop 1.x - i Local Format String
source: https://www.securityfocus.com/bid/1840/info ntop network top is a unix program used for displaying network usage statistics. It is often installed setuid root because it uses privileged ports. ntop is vulnerable to a format string vulnerability that can compromise root access locally. If...
CVE-2000-0594
BitchX IRC client does not properly cleanse an untrusted format string, which allows remote attackers to cause a denial of service via an invite to a channel whose name includes special formatting characters...
PHP 3.04.0 - Error Logging Format String
PHP 3.04.0 - Error Logging Format String // source: https://www.securityfocus.com/bid/1786/info PHP is a scripting language designed for CGI applications that is used on many websites. There exists a remotely exploitable format string vulnerability in all versions of PHP below PHP 4.0.3. The...
Unixware SCOhelp http server format string vulnerability
CORE SDI Inc. http://www.core-sdi.com Unixware SCOhelp http server format string vulnerability Date Published: 09/27/00 Advisory ID: CORE-092700 Bugtraq ID: 1717 CVE CAN: None currently assigned. Title: Unixware SCOhelp http server format string vulnerability Class: Input validation error Remotel...
Дырка в kvt
Ошибка форматной строки при разборе имени дисплея...