3112 matches found
Juergen Weigert screen 3.9 - User Supplied Format String
Juergen Weigert screen 3.9 - User Supplied Format String // source: https://www.securityfocus.com/bid/1641/info Various format string vulnerabilities exist in versions 3.9.5 and prior of 'screen' that may allow local users to elevate their privileges. If screen is setuid root, it is possible to...
UNIX locale format string vulnerability
CORE SDI http://www.core-sdi.com UNIX locale format string vulnerability Date Published: September 4th, 2000 early release Advisory ID: CORE-090400 Bugtraq ID: 1634 CVE CAN: None currently assigned. Title: UNIX locale format string vulnerability Class: Input Validation Error Remotely Exploitable:...
Libc locale - Local Privilege Escalation (1)
Libc locale - Local Privilege Escalation 1 / source: https://www.securityfocus.com/bid/1634/info ectiva 4.x/5.x,Debian 2.x,IBM AIX 3.x/4.x,Mandrake 7,RedHat 5.x/6.x,IRIX 6.x, Solaris 2.x/7/8,Turbolinux 6.x,Wirex Immunix OS 6.2 Locale Subsystem Format String Many UNIX operating systems provide...
Immunix OS 6.2 - LC glibc format string
Immunix OS 6.2 - LC glibc format string / source: https://www.securityfocus.com/bid/1634/info nectiva 4.x/5.x,Debian 2.x,IBM AIX 3.x/4.x,Mandrake 7,RedHat 5.x/6.x,IRIX 6.x, Solaris 2.x/7/8,Turbolinux 6.x,Wirex Immunix OS 6.2 Locale Subsystem Format String Many UNIX operating systems provide...
Redhat Linux 6.x remote root exploit
Hi, Included below is an exploit for the recently exposed linux rpc.statd format string vulnerability0. I have tailored it towards current Redhat Linux 6.x installations. It can easily be incorporated into attacks against the other vulnerable Linux distributions. I am not a security expert, but...
HP-UX FTP Daemon PASS Command Remote Format String
The remote ftp server does not sanitize properly the argument of the PASS command it receives for anonymous accesses. It may be possible for a remote attacker to gain shell access. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...
BitchX IRC Client 75p175p31.0 c16 - INVITE Format String
BitchX IRC Client 75p175p31.0 c16 - INVITE Format String // source: https://www.securityfocus.com/bid/1436/info BitchX IRC clients, versions 75 up to and including 1.0c16, are vulnerable to a Denial of Service and possible remote execution of code. By /invite-ing someone to a channel name...
BitchX IRC Client 75p1/75p3/1.0 c16 - '/INVITE' Format String
// source: https://www.securityfocus.com/bid/1436/info BitchX IRC clients, versions 75 up to and including 1.0c16, are vulnerable to a Denial of Service and possible remote execution of code. By /invite-ing someone to a channel name containing formatting characters %s, %n, etc an IRC user can cau...
CVE-2000-0594
BitchX IRC client does not properly cleanse an untrusted format string, which allows remote attackers to cause a denial of service via an invite to a channel whose name includes special formatting characters...
qpopper format string vulnerability
An authenticated user may trigger a format string vulnerability present in qpopper's UIDL code, resulting in arbitrary code execution with group ID mail' privileges...
CVE-1999-1417
Format string vulnerability in AnswerBook2 AB2 web server dwhttpd 3.1a4 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via encoded % characters in an HTTP request, which is improperly logged...
GNOME's Eye Of Gnome incorrect file name handling
Advisory ID Internal CORE-2003-0304-03 Bugtraq ID: 7121 CVE Name: CAN-2003-0165 CERT: VU363001 Title: GNOME's Eye Of Gnome incorrect file name handling Class: Input validation error Remotely Exploitable: No Locally Exploitable: Yes Vendors contacted: Eye Of Gnome . CORE Notification: 2003-03-14...