CVE-2003-0165

Format string vulnerability in Eye Of Gnome EOG allows attackers to execute arbitrary code via format string specifiers in a command line argument for the file to display...

CVE-2002-1051

Format string vulnerability in TrACESroute 6.0 GOLD aka NANOG traceroute allows local users to execute arbitrary code via the -T terminator command line argument...

CVE-2002-0851

The CVE-2002-0851 issue affects the ISDN4Linux (i4l) package, specifically the PPP daemon ipppd. A format string vulnerability in the device name command line argument is not properly sanitized in a syslog call, allowing a local user to exploit the flaw and gain root privileges. The connected doc...

CVE-2002-1049

Format string vulnerability in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service crash via the TSI data element...

CVE-2002-0501

The CVE-2002-0501 entry relates to a format-string vulnerability in the Posadis DNS server’s log_print() function, exploitable by local users and possibly remote attackers. Affected software: Posadis DNS server prior to version m5pre2. Root cause: improper handling of format strings in logging, e...

CVE-2002-0501

Format string vulnerability in logprint function of Posadis DNS server before version m5pre2 allows local users and possibly remote attackers to execute arbitrary code via format strings that are inserted into logging messages...

DEBIAN-CVE-2003-0165

Format string vulnerability in Eye Of Gnome EOG allows attackers to execute arbitrary code via format string specifiers in a command line argument for the file to display...

CVE-2001-0891

Format string vulnerability in NQS daemon nqsdaemon in NQE 3.3.0.16 for CRAY UNICOS and SGI IRIX allows a local user to gain root privileges by using qsub to submit a batch job whose name contains formatting characters...

CVE-2002-0851

Format string vulnerability in ISDN Point to Point Protocol PPP daemon ipppd in the ISDN4Linux i4l package allows local users to gain root privileges via format strings in the device name command line argument, which is not properly handled in a call to syslog...

CVE-2002-1049

CVE-2002-1049 is a format string vulnerability in HylaFAX faxgetty prior to 4.1.3. The TSI data element is used in a format string without proper sanitization, allowing remote attackers to crash the faxgetty process (denial of service). Several advisories reference this issue, with Debian noting ...

CVE-2002-0573

Format string vulnerability in RPC wall daemon rpc.rwalld for Solaris 2.5.1 through 8 allows remote attackers to execute arbitrary code via format strings in a message that is not properly provided to the syslog function when the wall command cannot be executed...

CVE-2003-0165

Format string vulnerability in Eye Of Gnome EOG allows attackers to execute arbitrary code via format string specifiers in a command line argument for the file to display...

CVE-2002-0851

Removed by vendor...

CVE-2002-0916

Format string vulnerability in the allowuser code for the Stellar-X msntauth authentication module, as distributed in Squid 2.4.STABLE6 and earlier, allows remote attackers to execute arbitrary code via format strings in the user name, which are not properly handled in a syslog call...

CVE-2002-0716

CVE-2002-0716 describes a format string vulnerability in the crontab component of SCO OpenServer 5.0.5 and 5.0.6 . The issue arises from format string specifiers in the file name argument , allowing local users to gain privileges . The vulnerability is tied to the crontab handling of a file name ...

CVE-2002-0412

NTOP is affected by CVE-2002-0412 due to a format string vulnerability in the TraceEvent function prior to version 2.1. The issue allows remote attackers to execute arbitrary code by injecting format strings into syslog calls. Attack vectors include an HTTP GET request, or credentials supplied in...

CVE-2001-0891

CVE-2001-0891 describes a format string vulnerability in the NQS daemon (nqsdaemon) of NQE 3.3.0.16 on CRAY UNICOS and SGI IRIX. A local user could gain root privileges by submitting a batch job with a name containing formatting characters (via qsub). The connected documents confirm the vulnerabi...

CVE-2003-0165

Eye of GNOME (EOG) 2.2.0 and earlier is affected by a format-string vulnerability in the command-line filename handling, allowing an attacker to execute arbitrary code with the user’s privileges. Exploitation would require a crafted filename passed to EOG (e.g., via mailcap/mail clients). Patches...

CVE-2003-0165

Format string vulnerability in Eye Of Gnome EOG allows attackers to execute arbitrary code via format string specifiers in a command line argument for the file to display...

CVE-2003-0165

Format string vulnerability in Eye Of Gnome EOG allows attackers to execute arbitrary code via format string specifiers in a command line argument for the file to display...