8501 matches found
[SA16181] ProFTPD Two Format String Vulnerabilities
ethereal -- multiple protocol dissectors vulnerabilities
An Ethereal Security Advisory reports: Our testing program has turned up several more security issues: The LDAP dissector could free static memory and crash. The AgentX dissector could crash. The 802.3 dissector could go into an infinite loop. The PER dissector could abort. The DHCP dissector...
proftpd -- format string vulnerabilities
The ProFTPD release notes state: sean found two format string vulnerabilities, one in mod_sql's SQLShowInfo directive, and one involving the 'ftpshut' utility. Both can be considered low risk, as they require active involvement on the part of the site administrator in order to be exploited. These...
ProFTPD format string vulnerabilities
Format string in directory name on shutdown message...
nbsmtp -- format string vulnerability
When nbsmtp is executed in debug mode, server messages will be printed to stdout and logged via syslog. Syslog is used insecurely and user-supplied format characters are directly fed to the syslog function, which results in a format string vulnerability. Under some circumstances, an SMTP server m...
gxine format string vulnerability
New gxine packages are available for Slackware 10.0, 10.1, and -current to fix a format string security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1692 Here are the details from...
CVE-2004-2264
GNU less versions 358–382 contain a format-string bug in the open_altfile function (filename.c) that may allow local users to cause a denial of service or possibly execute arbitrary code via the LESSOPEN environment variable. The PT-2004-3159 advisory notes this is not a vulnerability unless priv...
CVE-2004-2264
Format string bug in the open_altfile function in filename.c for GNU less 382, 381, and 358 might allow local users to cause a denial of service or possibly execute arbitrary code via format strings in the LESSOPEN environment variable. NOTE: since less is not setuid or setgid, then this is not a...
Multiple Race Drivers game vulnerabilities
Buffer overflows, format string bugs,...
CVE-2004-2238
The CVE concerns a format-string issue in vsybase.c of vpopmail versions up to 5.4.2. A follow-up note indicates the source uses constants that, when compiled, become static format strings, and this is described as not a vulnerability. No concrete impact, attack vectors, or remediation details ar...
CVE-2004-2238
Format string vulnerability in vsybase.c in vpopmail 5.4.2 and earlier has unknown impact and attack vectors. NOTE: in a followup post, it was observed that the source code used constants that, when compiled, became static format strings. Thus this is not a vulnerability...
XV
New XV image viewer packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix security issues. Format string and other issues could cause a crash or execution of arbitrary code if a specially crafted image is loaded with XV. Here are the details from the Slackware 10.1...
CVE-2001-1566
Format string vulnerability in libvanessalogger 0.0.1 in Perdition 0.1.8 allows remote attackers to execute arbitrary code via format string specifiers in the vanessaloggerlog function...
CVE-2001-1562
CVE-2001-1562 affects the nvi editor; it is a format string vulnerability in which, before version 1.79, local users could gain privileges via format specifiers embedded in a filename. The Debian advisory DSA-085-1 and OpenVAS entries reiterate that nvi (and nvi-m17n) needed updates to address th...
CVE-2001-1562
Format string vulnerability in nvi before 1.79 allows local users to gain privileges via format string specifiers in a filename...
CVE-2002-2022
The CVE-2002-2022 entry concerns Kaffe OpenVM 1.0.6 and earlier. Root cause: a format string vulnerability in the handling of forName attributes that can be triggered when a java.lang.NoClassDefFoundError is thrown, allowing a local attacker to execute arbitrary code. Affected component: the VM’s...
CVE-2002-2022
Format string vulnerability in Kaffe OpenVM 1.0.6 and earlier allows local users to execute arbitrary code, when a java.lang.NoClassDefFoundError is thrown, via format specifiers in the forName attribute...
FreeBSD : oops -- format string vulnerability (1033750f-cab4-11d9-9aed-000e0c2e438a)
A RST/GHC Advisory reports that there is a format string vulnerability in oops. The vulnerability can be found in the MySQL/PgSQL authentication module. Successful exploitation may allow execution of arbitrary code.