FreeBSD : ImageMagick -- format string vulnerability (713c3913-8c2b-11d9-b58c-0001020eed82)

Tavis Ormandy reports : magemagick-6.2.0-3 fixes an potential issue handling malformed filenames, the flaw may affect webapps or scripts that use the imagemagick utilities for image processing, or applications linked with libMagick. This vulnerability could crash ImageMagick or potentially lead t...

FreeBSD : emacs -- movemail format string vulnerability (3e3c860d-7dae-11d9-a9e7-0001020eed82)

Max Vozeler discovered several format string vulnerabilities in the movemail utility of Emacs. They can be exploited when connecting to a malicious POP server and can allow an attacker can execute arbitrary code under the privileges of the user running Emacs. %NASLMINLEVEL 70300 C Tenable Network...

FreeBSD : mkbold-mkitalic -- format string vulnerability (32d4f0f1-85c3-11d9-b6dc-0007e900f747)

The version 0.061 and prior have a format string vulnerability which can be triggered by using a carefully-crafted BDF font file. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright...

FreeBSD : dillo -- format string vulnerability (28ab7ddf-61ab-11d9-a9e7-0001020eed82)

dillo contains a format string vulnerability which could lead to execution of arbitrary code simply by viewing a web page or opening a HTML file. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML...

FreeBSD : bidwatcher -- format string vulnerability (74c86a29-81ef-11d9-a9e7-0001020eed82)

A Debian Security Advisory reports : Ulf Harnhammer from the Debian Security Audit Project discovered a format string vulnerability in bidwatcher, a tool for watching and bidding on eBay auctions. This problem can be triggered remotely by a web server of eBay, or someone pretending to be eBay,...

FreeBSD : gld -- format string and buffer overflow vulnerabilities (6c2d4f29-af3e-11d9-837d-000e0c2e438a)

Gld has been found vulnerable to multiple buffer overflows as well as multiple format string vulnerabilities. An attacker could exploit this vulnerability to execute arbitrary code with the permissions of the user running Gld, the default user being root. The FreeBSD port defaults to running gld ...

FreeBSD : ngircd -- format string vulnerability (bc4a7efa-7d9a-11d9-a9e7-0001020eed82)

A No System Group security advisory reports that ngircd is vulnerable to a format string vulnerability in the LogResolver function of log.c, if IDENT support is enabled. This could allow a remote attacker to execute arbitrary code with the permissions of the ngircd daemon, which is root by defaul...

FreeBSD : hashcash -- format string vulnerability (5ebfe901-a3cb-11d9-b248-000854d03344)

A Gentoo Linux Security Advisory reports : Tavis Ormandy of the Gentoo Linux Security Audit Team identified a flaw in the Hashcash utility that an attacker could expose by specifying a malformed reply address. Successful exploitation would permit an attacker to disrupt Hashcash users, and...

FreeBSD : xv -- filename handling format string vulnerability (a4bd3039-9a48-11d9-a256-0001020eed82)

A Gentoo Linux Security Advisory reports : Tavis Ormandy of the Gentoo Linux Security Audit Team identified a flaw in the handling of image filenames by xv. Successful exploitation would require a victim to process a specially crafted image with a malformed filename, potentially resulting in the...

FreeBSD : sup -- format string vulnerability (2c5757f4-88bf-11d9-8720-0007e900f87b)

Debian Security Advisory reports : [email protected] discovered a format string vulnerability in sup, a set of programs to synchronize collections of files across a number of machines, whereby a remote attacker could potentially cause arbitrary code to be executed with the privileges of the...

Slackware 8.1 / 9.0 / 9.1 / current : metamail security update (SSA:2004-049-02)

Metamail is a set of utilities for processing MIME mail. New metamail packages are available for Slackware 8.1, 9.0, 9.1, and -current. These fix two format string bugs and two buffer overflows which could lead to unauthorized code execution. Thanks to Ulf Hrnhammar for discovering these problems...

[SECURITY] [DSA 753-1] New gedit packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 753-1 [email protected] http://www.debian.org/security/ Martin Schulze July 12th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 753-1] New gedit packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 753-1 [email protected] http://www.debian.org/security/ Martin Schulze July 12th, 2005 http://www.debian.org/security/faq -...

CVE-2005-2236

CVE-2005-2236 describes a format string vulnerability in the paginit command for IBM AIX 5.3 (and possibly other versions). The issue could allow local users to execute arbitrary code via format strings supplied in command line arguments. This is a local privilege concern with an impact described...

CVE-2005-2236

Format string vulnerability in the paginit command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via format strings in command line arguments...

CVE-2005-2237

Format string vulnerability in the swcons command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via long command line arguments...

CVE-2005-2237

Format string vulnerability in the swcons command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via long command line arguments...

CVE-2005-2236

Format string vulnerability in the paginit command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via format strings in command line arguments...

CVE-2005-2237

CVE-2005-2237 describes a format string vulnerability in the swcons command on IBM AIX 5.3 (and possibly other versions) that could allow local users to execute arbitrary code via long command line arguments. The vulnerability arises from a format string handling flaw in swcons, enabling local pr...

Debian DSA-753-1 : gedit - format string

A format string vulnerability has been discovered in gedit, a light-weight text editor for GNOME, that may allow attackers to cause a denial of service application crash via a binary file with format string specifiers in the filename. Since gedit supports opening files via 'http://' URLs through...