8487 matches found
CVE-2002-0842
Format string vulnerability in certain third party modifications to moddav for logging bad gateway messages e.g. Oracle9i Application Server 9.0.2 allows remote attackers to execute arbitrary code via a destination URI that forces a "502 Bad Gateway" response, which causes the format string...
amx_mod format string bug
Format string bug in amxsay...
[VSA0308] Half-Life AMX-Mod remote (root) hole
void.at Security Advisory VSA0308 - mailto:crew at void dot at AMX1 is a plugin for the "Half-Life Server", hosting the most popular online game today, "Counter-Strike", among others. Overview ======== Due to a format string bug in AMX, it is possible for a remote attacker who knows the...
AMX Mod 0.9.2 - Remote amx_say Format String
AMX Mod 0.9.2 - Remote amxsay Format String // source: https://www.securityfocus.com/bid/6968/info A format string vulnerability has been discovered AMX Mod 0.9.2 and earlier which may be exploitable to execute arbitrary code on a target Half-Life server. The problem occurs when calling the...
AMX Mod 0.9.2 - Remote 'amx_say' Format String
// source: https://www.securityfocus.com/bid/6968/info A format string vulnerability has been discovered AMX Mod 0.9.2 and earlier which may be exploitable to execute arbitrary code on a target Half-Life server. The problem occurs when calling the 'amxsay' command. By passing specially constructe...
CVE-2003-0074
Format string vulnerability in mpmain.c for plpnfsd of the plptools package allows remote attackers to execute arbitrary code via the functions 1 debuglog, 2 errorlog, and 3 infolog...
CVE-2003-0060
Format string vulnerabilities in the logging routines for MIT Kerberos V5 Key Distribution Center KDC before 1.2.5 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via format string specifiers in Kerberos principal names...
CVE-2003-0060
Format string vulnerabilities in the logging routines for MIT Kerberos V5 Key Distribution Center KDC before 1.2.5 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via format string specifiers in Kerberos principal names...
DEBIAN-CVE-2003-0060
Format string vulnerabilities in the logging routines for MIT Kerberos V5 Key Distribution Center KDC before 1.2.5 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via format string specifiers in Kerberos principal names...
DEBIAN-CVE-2003-0074
Format string vulnerability in mpmain.c for plpnfsd of the plptools package allows remote attackers to execute arbitrary code via the functions 1 debuglog, 2 errorlog, and 3 infolog...
Apache mod_dav format string bug
aplogrerror format string bug...
Re: CSSA-2003-007.0 Advisory withdrawn.
-----BEGIN PGP SIGNED MESSAGE----- Just to clarify this a bit further, the moddav module for Apache is not vulnerable to the format string vulnerability as outlined in the original advisory from SCO, CAN-2002-0842 moddav contains code that logs various errors and uses aplogrerror to do so. In...
Security Update: [CSSA-2003-007.0] Linux: Apache mod_dav module format string vulnerability
To: [email protected] [email protected] [email protected] [email protected] SCO Security Advisory Subject: Linux: Apache moddav module format string vulnerability Advisory number: CSSA-2003-007.0 Issue date: 2003 February 17 Cross reference: 1...
Oracle9i Application Server Format String Vulnerability (#NISR16022003d)
NGSSoftware Insight Security Research Advisory Name: Oracle9i Application Server Format String Vulnerability Systems Affected: All platforms; Oracle9i Application Server Release 9.0.2 Severity: Critical Risk Category: Format String Vulnerability Vendor URL: http://www.oracle.com Author: David...
Some implementations of mod_dav contain a format string vulnerability in "ap_log_rerror()" function
Overview A vulnerability in some implementations of moddav may permit a remote attacker to gain unauthorized access to a web server running moddav. Description moddav is a module designed to provide DAV capabilities for a web server. A format string vulnerability in some implementations may permi...
CVE-2003-0074
Format string vulnerability in mpmain.c for plpnfsd of the plptools package allows remote attackers to execute arbitrary code via the functions 1 debuglog, 2 errorlog, and 3 infolog...
CVE-2003-0074
CVE-2003-0074 describes a format-string vulnerability in mpmain.c for the plpnfsd component of the plptools package. The flaw allows remote attackers to execute arbitrary code through (1) debuglog, (2) errorlog, and (3) infolog, as stated in the public records. The connected documents confirm the...
CVE-2003-0074
Format string vulnerability in mpmain.c for plpnfsd of the plptools package allows remote attackers to execute arbitrary code via the functions 1 debuglog, 2 errorlog, and 3 infolog...
CVE-2003-0060
CVE-2003-0060 describes a format-string vulnerability in the MIT Kerberos V5 KDC logging routines prior to version 1.2.5. The issue allows remote attackers to trigger a denial of service (crash) and, potentially, to execute arbitrary code via format string specifiers in Kerberos principal names. ...
MIT Kerberos V5 KDC logging routines use unsafe format strings
Overview Early releases of the MIT Kerberos V5 KDC contain format string vulnerabilities that can be used by unauthenticated remote attackers to conduct denial of service attacks on KDC servers. Description Logging routines in some unspecified versions of the MIT Kerberos V5 Key Distribution Cent...