CVE-2005-1122

The CVE-2005-1122 entry concerns the Monkey HTTP Server component monkeyd, specifically a format string vulnerability in cgi.c prior to version 0.9.1. A remote attacker can trigger a denial of service and potentially arbitrary code execution by sending an HTTP GET request containing double-encode...

CVE-2005-1121

CVE-2005-1121 affects Oops! Proxy Server up to version 1.5.23. A format string vulnerability in the my_xlog function (lib.c), triggered via the passwd_mysql and passwd_pgsql authentication modules, may allow an attacker to execute arbitrary code remotely by crafting a URL. The CVSS v2 base score ...

CVE-2005-1121

Format string vulnerability in the myxlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth functions in the passwdmysql and passwdpgsql modules, may allow attackers to execute arbitrary code via a URL...

CVE-2005-1127

Format string vulnerability in the log function in Net::Server 0.87 and earlier, as used in Postfix Greylisting Policy Server Postgrey 1.18 and earlier, and possibly other products, allows remote attackers to cause a denial of service crash via format string specifiers that are not properly handl...

CVE-2005-1127

CVE-2005-1127 covers a format-string vulnerability in the log function of the perl-Net-Server module (versions ≤ 0.87) as used by Postfix Greylisting Policy Server (Postgrey) ≤ 1.18. The issue arises from format specifiers not being properly handled before sending to syslog, allowing remote attac...

CVE-2005-1127

Format string vulnerability in the log function in Net::Server 0.87 and earlier, as used in Postfix Greylisting Policy Server Postgrey 1.18 and earlier, and possibly other products, allows remote attackers to cause a denial of service crash via format string specifiers that are not properly handl...

[ GLSA 200504-14 ] monkeyd: Multiple vulnerabilities

Gentoo Linux Security Advisory GLSA 200504-14 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

GLSA-200504-14 : monkeyd: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200504-14 monkeyd: Multiple vulnerabilities Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a double expansion error in monkeyd, resulting in a format string vulnerability. Ciaran McCreesh of Gentoo Linux discover...

CVE-2003-0363

The CVE-2003-0363 entry covers a format string vulnerability in LICQ versions 1.2.6 and 1.0.3 (and possibly others). The underlying issue is a format string vulnerability in which an attacker can influence format specifiers to perform unknown actions remotely. The vulnerability affects LICQ’s han...

CVE-2003-0363

Format string vulnerability in LICQ 1.2.6, 1.0.3 and possibly other versions allows remote attackers to perform unknown actions via format string specifiers...

monkeyd: Multiple vulnerabilities

Background monkeyd is a fast, efficient, small and easy to configure web server for Linux. Description Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a double expansion error in monkeyd, resulting in a format string vulnerability. Ciaran McCreesh of Gentoo Linux discovered a...

Monkey HTTP Daemon (monkeyd) < 0.9.1 Multiple Vulnerabilities

The version of the Monkey HTTP Server installed on the remote host suffers from the following flaws : - A Format String Vulnerability A remote attacker may be able to execute arbitrary code with the permissions of the user running monkeyd by sending a specially- crafted request. - A Denial of...

CVE-2005-1122

Format string vulnerability in cgi.c for Monkey daemon monkeyd before 0.9.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP GET request containing double-encoded format string specifiers aka "double expansion error"...

CVE-2004-1004

Multiple format string vulnerabilities in Midnight Commander mc 4.5.55 and earlier allow remote attackers to have an unknown impact...

CVE-2004-1004

Multiple format string vulnerabilities in Midnight Commander mc 4.5.55 and earlier allow remote attackers to have an unknown impact...

CVE-2004-1004

Multiple format string vulnerabilities in Midnight Commander mc 4.5.55 and earlier allow remote attackers to have an unknown impact...

DEBIAN-CVE-2004-1004

Multiple format string vulnerabilities in Midnight Commander mc 4.5.55 and earlier allow remote attackers to have an unknown impact...

oops -- format string vulnerability

A RST/GHC Advisory reports that there is an format string vulnerability in oops. The vulnerability can be found in the MySQL/PgSQL authentication module. Succesful exploitation may allow execution of arbitrary code...

GLSA-200504-10 : Gld: Remote execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-200504-10 Gld: Remote execution of arbitrary code dong-hun discovered several buffer overflows in server.c, as well as several format string vulnerabilities in cnf.c. Impact : An attacker could exploit this vulnerability to execut...

CVE-2005-1100

CVE-2005-1100 affects Greylisting daemon (GLD) 1.3 and 1.4. The vulnerability is a format-string bug in the ErrorLog function (cnf.c) that allows remote code execution via data passed to syslog. Linked advisories (GLSA 200504-10) describe remote arbitrary-code execution due to format-string issue...