Solaris 2.6 (x86) : 112894-01

SunOS 5.6x86: rpc.rwalld has format string problem. Date this patch was last updated by Sun : Jun/17/02 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. i...

Solaris 2.5.1 (x86) : 112892-01

SunOS 5.5.1x86: rpc.rwalld has format string problem. Date this patch was last updated by Sun : Jun/14/02 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc...

CVE-2004-0640

CVE-2004-0640 is a format string vulnerability in the SSL_set_verify function of telnetd.c for the SSLtelnet daemon (SSLtelnetd) v0.13 that allows remote code execution. Connected records tie this to netkit-telnet-ssl and related packages (e.g., Debian netkit-telnet-ssl) with advisories noting a ...

CVE-2004-0640

Format string vulnerability in the SSLsetverify function in telnetd.c for SSLtelnet daemon SSLtelnetd 0.13 allows remote attackers to execute arbitrary code...

CVE-2004-0448

The CVE-2004-0448 entry describes a format-string vulnerability in the log function of jftpgw 0.13.4 and earlier. The flaw allows remote authenticated users to execute arbitrary code via format string specifiers in certain syslog messages. Documents confirm affected software (jftpgw, an FTP proxy...

CVE-2004-0448

Format string vulnerability in the log function for jftpgw 0.13.4 and earlier allows remote authenticated users to execute arbitrary code via format string specifiers in certain syslog messages...

FreeBSD : qpopper format string vulnerability (160)

The following package needs to be updated: qpopper %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkgebdf65c72ca611d893550020ed76ef5a.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...

RHEL 2.1 : cadaver (RHSA-2004:157)

An updated cadaver package that fixes a vulnerability in neon exploitable by a malicious DAV server is now available. cadaver is a command-line WebDAV client that uses inbuilt code from neon, an HTTP and WebDAV client library. Versions of the neon client library up to and including 0.24.4 have be...

FreeBSD : ezbounce remote format string vulnerability (45)

The following package needs to be updated: ezbounce %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkgc480eb5e7f0011d8868e000347dd607f.nasl. Disabled on 2011/10/01. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...

RHEL 2.1 : tripwire (RHSA-2004:244)

Updated Tripwire packages that fix a format string security vulnerability are now available. Tripwire is a system integrity assessment tool. Paul Herman discovered a format string vulnerability in Tripwire version 2.3.1 and earlier. If Tripwire is configured to send reports via email, a local use...

FreeBSD : hsftp format string vulnerabilities (68)

The following package needs to be updated: hsftp %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg316e1c9b671c11d89aad000a95bc6fae.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright 2003-20...

FreeBSD : Midnight Commander buffer overflows, format string bugs, and insecure temporary file handling (106)

The following package needs to be updated: mc %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg0c6f3fde9c5111d893660020ed76ef5a.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright 2003-2006...

RHEL 2.1 : mc (RHSA-2004:172)

Updated mc packages that resolve several buffer overflow vulnerabilities, one format string vulnerability and several temporary file creation vulnerabilities are now available. Midnight Commander mc is a visual shell much like a file manager. Several buffer overflows, several temporary file...

FreeBSD : Buffer overflows and format string bugs in Emil (39)

The following package needs to be updated: emil %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkgce46b93a80f211d896450020ed76ef5a.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright 2003-200...

FreeBSD : GNU Anubis buffer overflows and format string vulnerabilities (6)

The following package needs to be updated: anubis %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg8471bb856fb011d8873f0020ed76ef5a.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...

RHEL 2.1 : metamail (RHSA-2004:073)

Updated metamail packages that fix a number of vulnerabilities are now available. Metamail is a system for handling multimedia mail. Ulf Harnhammar discovered two format string bugs and two buffer overflow bugs in versions of Metamail up to and including 2.7. An attacker could create a...

CVE-2004-0623

Removed by vendor...

CVE-2004-0393

Format string vulnerability in the msg function for rlpr daemon rlprd 2.0.4 allows remote attackers to execute arbitrary code via format string specifiers in a buffer that can not be resolved, which is provided to the syslog function...

CVE-2004-0451

Multiple format string vulnerabilities in the 1 logquit, 2 logerr, or 3 loginfo functions in Software Upgrade Protocol SUP allows remote attackers to execute arbitrary code via format string specifiers in messages that are logged by syslog...

CVE-2004-0451

CVE-2004-0451 describes multiple format-string vulnerabilities in the Software Upgrade Protocol (SUP) affecting the internal logging functions logquit, logerr, and loginfo. The underlying issue allows a remote attacker to cause arbitrary code execution via format specifiers contained in syslog me...