39 matches found
CVE-2003-0887
The CVE-2003-0887 entry concerns ez-ipupdate (versions 3.0.11b7 and earlier) that creates insecure temporary cache files, enabling a local user to perform unauthorized operations via a symlink attack on the ez-ipupdate.cache file. The linked SUSE/other entries reiterate the same flaw without prov...
CVE-2004-0980
Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code...
DEBIAN-CVE-2004-0980
Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code...
CVE-2004-0980
Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code...
CVE-2004-0980
Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code...
CVE-2004-0980
The CVE-2004-0980 entry concerns a format string vulnerability in ez-ipupdate.c affecting ez-ipupdate 3.0.10 through 3.0.11b8. When running in daemon mode with certain service types, a remote attacker could cause arbitrary code execution. The provided documents consistently reference vulnerable v...
CVE-2004-0980
Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code...
CVE-2004-0980
Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code...
Debian DSA-592-1 : ez-ipupdate - format string
Ulf Harnhammar from the Debian Security Audit Project discovered a format string vulnerability in ez-ipupdate, a client for many dynamic DNS services. This problem can only be exploited if ez-ipupdate is running in daemon mode most likely with many but not all service types. %NASLMINLEVEL 70300 C...
GLSA-200411-20 : ez-ipupdate: Format string vulnerability
The remote host is affected by the vulnerability described in GLSA-200411-20 ez-ipupdate: Format string vulnerability Ulf Harnhammar from the Debian Security Audit Project discovered a format string vulnerability in ez-ipupdate. Impact : An attacker could exploit this to execute arbitrary code wi...
Mandrake Linux Security Advisory : ez-ipupdate (MDKSA-2004:129)
Ulf Harnhammar discovered a format string vulnerability in ez-ipupdate, a client for many dynamic DNS services. The updated packages are patched to protect against this problem. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
[SECURITY] [DSA 592-1] New ez-ipupdate packages fix format string vulnerability
-------------------------------------------------------------------------- Debian Security Advisory DSA 592-1 [email protected] http://www.debian.org/security/ Martin Schulze November 12th, 2004 http://www.debian.org/security/faq -...
[SECURITY] [DSA 592-1] New ez-ipupdate packages fix format string vulnerability
-------------------------------------------------------------------------- Debian Security Advisory DSA 592-1 [email protected] http://www.debian.org/security/ Martin Schulze November 12th, 2004 http://www.debian.org/security/faq -...
DSA-592-1 ez-ipupdate - format string
Bulletin has no description...
[Full-Disclosure] MDKSA-2004:129 - Updated ez-ipupdate packages fix format string vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandrakelinux Security Update Advisory Package name: ez-ipupdate Advisory ID: MDKSA-2004:129 Date: November 10th, 2004 Affected versions: 10.0, 10.1, 9.2, Corporate Server 2.1, Multi Network Firewall 8.2 Problem Description: Ulf Harnhammar discovered ...
[Full-Disclosure] ez-ipupdate format string bug
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandrakelinux Security Update Advisory Package name: ez-ipupdate Advisory ID: MDKSA-2004:129 Date: November 10th, 2004 Affected versions: 10.0, 10.1, 9.2, Corporate Server 2.1, Multi Network Firewall 8.2 Problem Description: Ulf Harnhammar discovered ...
ez-ipupdate: Format string vulnerability
Background ez-ipupdate is a utility for updating host name information for a large number of dynamic DNS services. Description Ulf Harnhammar from the Debian Security Audit Project discovered a format string vulnerability in ez-ipupdate. Impact An attacker could exploit this to execute arbitrary...
EZ-IPupdate show_message() Remote Format String
Binary data 2399.prm...
CVE-2003-0887
ez-ipupdate 3.0.11b7 and earlier creates insecure temporary cache files, which allows local users to conduct unauthorized operations via a symlink attack on the ez-ipupdate.cache file...