CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2003/08/27 4:0 a.m.•19 views

CVE-2003-0616

Format string vulnerability in ePO service for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request with format strings in the computerlist parameter, which are used when logging a failed name resolution...

7.5CVSS7.7AI score0.01965EPSS

Exploits0References2

NVD•added 2003/08/27 4:0 a.m.•17 views

CVE-2003-0672

Format string vulnerability in pam-pgsql 0.5.2 and earlier allows remote attackers to execute arbitrary code via the username that isp rovided during authentication, which is not properly handled when recording a log message...

7.5CVSS7.5AI score0.01882EPSS

securityvulns•added 2003/08/20 12:0 a.m.•30 views

emule/xmule/lmule multiple bugs

Multiple bugs including format string and buffer overflows...

2.6AI score

Exploits0References1Affected Software3

Tenable Nessus•added 2003/08/20 12:0 a.m.•52 views

Dropbear SSH Server Username Remote Format String

The remote host is runnning Dropbear SSH. There is a format string vulnerability in all versions of the Dropbear SSH server up to and including version 0.34. An attacker may use this flaw to execute arbitrary code on the remote host. C Tenable Network Security, Inc. include"compat.inc";...

6.1AI score

NVD•added 2003/08/18 4:0 a.m.•8 views

CVE-2003-0584

Format string vulnerability in Backup and Restore Utility for Unix BRU 17.0 and earlier, when running setuid, allows local users to execute arbitrary code via format string specifiers in a command line argument...

7.2CVSS7.3AI score0.00455EPSS

NVD•added 2003/08/18 4:0 a.m.•16 views

CVE-2003-0555

ImageMagick 5.4.3.x and earlier allows attackers to cause a denial of service crash and possibly execute arbitrary code via a "%x" filename, possibly triggering a format string vulnerability...

7.5CVSS7.6AI score0.00954EPSS

securityvulns•added 2003/08/18 12:0 a.m.•22 views

Dropbear SSH Server format string bug

Format string bug on syslog call;...

1.8AI score

securityvulns•added 2003/08/18 12:0 a.m.•230 views

[UNIX] Dropbear SSH Server Format String Vulnerability

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

7.3AI score

Cvelist•added 2003/08/14 4:0 a.m.•26 views

CVE-2003-0672

7.5AI score0.01882EPSS

CVE•added 2003/08/14 4:0 a.m.•62 views

CVE-2003-0671

CVE-2003-0671 affects tcpflow and is described as a format string vulnerability that, when tcpflow runs in a setuid context (notably the RunTCPFlow program used by Sustworks IPNetSentryX and IPNetMonitorX), allows local users to execute arbitrary code via the device name argument. The available d...

7.2CVSS7.6AI score0.00061EPSS

Exploits1References2Affected Software1

CVE•added 2003/08/14 4:0 a.m.•56 views

CVE-2003-0672

CVE-2003-0672 describes a format-string vulnerability in pam-pgsql 0.5.2 and earlier, where the username supplied during authentication is treated as a format string when writing logs. This can allow remote attackers to execute arbitrary code with the privileges of the PAM-authenticating process....

7.5CVSS7.5AI score0.01882EPSS

securityvulns•added 2003/08/10 12:0 a.m.•24 views

pam-pgsql format string bug

Format string bug in username...

1.3AI score

securityvulns•added 2003/08/10 12:0 a.m.•56 views

[SECURITY] [DSA-370-1] New pam-pgsql packages fix format string vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 370-1 [email protected] http://www.debian.org/security/ Matt Zimmerman August 8th, 2003 http://www.debian.org/security/faq -...

7.5CVSS0.7AI score0.01882EPSS

Debian•added 2003/08/09 3:57 a.m.•14 views

[SECURITY] [DSA-370-1] New pam-pgsql packages fix format string vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 370-1 [email protected] http://www.debian.org/security/ Matt Zimmerman August 8th, 2003 http://www.debian.org/security/faq -...

7.5CVSS6.7AI score0.01882EPSS

securityvulns•added 2003/08/08 12:0 a.m.•27 views

MacOS X privilege escalation

Network traffic sniffing via IPNetMonitorX, format string bug in PNetSentryX...

3.4AI score

NVD•added 2003/08/07 4:0 a.m.•10 views

CVE-2003-0478

Format string vulnerability in 1 Bahamut IRCd 1.4.35 and earlier, and other IRC daemons based on Bahamut including 2 digatech 1.2.1, 3 methane 0.1.1, 4 AndromedeIRCd 1.2.3-Release, and 5 ircd-RU, when running in debug mode, allows remote attackers to cause a denial of service and possibly execute...

10CVSS7.8AI score0.05549EPSS

Exploits0References3

securityvulns•added 2003/08/07 12:0 a.m.•28 views

Crob FTP server format string bug

Multiple FTP commands format string bug...

0.9AI score

exploitpack•added 2003/08/04 12:0 a.m.•21 views

HP Compaq Insight Management Agent 5.0 - Format String

HP Compaq Insight Management Agent 5.0 - Format String source: https://www.securityfocus.com/bid/8336/info The Compaq Management Agent HTTP server is vulnerable to a format string issue. A remote attacker may be able to exploit this vulnerability in order to execute arbitrary code with Local Syst...

0.3AI score

securityvulns•added 2003/08/04 12:0 a.m.•35 views

Compaq HTTP server format string bug

Insight Management Agent format string bug during processing of HTTP request...

0.3AI score