8491 matches found
CVE-2004-0450
Format string vulnerability in the printlog function in log2mail before 0.2.5.2 allows local users or remote attackers to execute arbitrary code via format string specifiers in a logfile monitored by log2mail...
CVE-2004-0536
Format string vulnerability in Tripwire commercial 4.0.1 and earlier, including 2.4, and open source 2.3.1 and earlier, allows local users to gain privileges via format string specifiers in a file name, which is used in the generation of an email report...
[SECURITY] [DSA 513-1] New log2mail packages fix format string vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 513-1 [email protected] http://www.debian.org/security/ Matt Zimmerman June 3rd, 2004 http://www.debian.org/security/faq -...
tripwire: Format string vulnerability
Background tripwire is an open source file integrity checker. Description The code that generates email reports contains a format string vulnerability in pipedmailmessage.cpp. Impact With a carefully crafted filename on a local filesystem an attacker could cause execution of arbitrary code with...
[SECURITY] [DSA 513-1] New log2mail packages fix format string vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 513-1 [email protected] http://www.debian.org/security/ Matt Zimmerman June 3rd, 2004 http://www.debian.org/security/faq -...
[Full-Disclosure] Format String Vulnerability in Tripwire
SUMMARY ------- Tripwiretm is a Security, Intrusion Detection, Damage Assessment and Recovery, Forensics software. A vulnerability in the product allows a user on the local machine under certain circumstances to execute arbitrary code with the rights of the user running the program typically root...
Tripwire format string bug
Format string bug during e-mail report generation...
DSA-513 log2mail - format string
Bulletin has no description...
CVE-2004-0179
Multiple format string vulnerabilities in 1 neon 0.24.4 and earlier, and other products that use neon including 2 Cadaver, 3 Subversion, and 4 OpenOffice, allow remote malicious WebDAV servers to execute arbitrary code...
DEBIAN-CVE-2004-0156
Format string vulnerabilities in the 1 die or 2 logevent functions for ssmtp before 2.50.6 allow remote mail relays to cause a denial of service and possibly execute arbitrary code...
CVE-2004-0179
Multiple format string vulnerabilities in 1 neon 0.24.4 and earlier, and other products that use neon including 2 Cadaver, 3 Subversion, and 4 OpenOffice, allow remote malicious WebDAV servers to execute arbitrary code...
jftpgw format string buffer overflow
syslog format string bug...
[SECURITY] [DSA 510-1] New jftpgw packages fix format string vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 510-1 [email protected] http://www.debian.org/security/ Matt Zimmerman May 29th, 2004 http://www.debian.org/security/faq -...
tla: Multiple vulnerabilities in included libneon
Background GNU Arch tla is a revision control system suited for widely distributed development. Description Multiple format string vulnerabilities and a heap overflow vulnerability were discovered in the code of the neon library GLSA 200405-01 and 200405-13. Current versions of the tla package...
Arbitrary code execution via a format string vulnerability in jftpgw
The log functions in jftpgw may allow remotely authenticated user to execute arbitrary code via the format string specifiers in certain syslog messages...
[SECURITY] [DSA 510-1] New jftpgw packages fix format string vulnerability
-------------------------------------------------------------------------- Debian Security Advisory DSA 510-1 [email protected] http://www.debian.org/security/ Matt Zimmerman May 29th, 2004 http://www.debian.org/security/faq -...
Multiple MetaMail bugs
Multiple format string bugs and buffer overflow...
[Full-Disclosure] [ GLSA 200405-17 ] Multiple vulnerabilities in metamail
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200405-17 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - -...
Multiple vulnerabilities in metamail
Background Metamail is a program that decodes MIME encoded mail. It is therefore often automatically called when an email is received or read. Description Ulf Harnhammar found two format string bugs and two buffer overflow bugs in Metamail. Impact A remote attacker could send a malicious email...
Important: Red Hat Security Advisory: mc security update
Updated mc packages that resolve several buffer overflow vulnerabilities, one format string vulnerability and several temporary file creation vulnerabilities are now available. Midnight Commander mc is a visual shell much like a file manager. Several buffer overflows, several temporary file...