8663 matches found
RHEL 2.1 : krb5 (RHSA-2003:052)
Updated kerberos packages fix a number of vulnerabilities found in MIT Kerberos. Kerberos is a network authentication system. The MIT Kerberos team released an advisory describing a number of vulnerabilities that affect the kerberos packages shipped by Red Hat. An integer signedness error in the...
RHEL 2.1 : nss_ldap (RHSA-2002:180)
Updated nssldap packages are now available for Red Hat Linux Advanced Server 2.1. These updates fix a potential buffer overflow which can occur when nssldap is set to configure itself using information stored in DNS as well as a format string bug in logging functions used in pamldap. Updated 09 J...
CVE-2004-0623
Format string vulnerability in misc.c in GNU GNATS 4.00 may allow remote attackers to execute arbitrary code via format string specifiers in a string that gets logged by syslog...
CVE-2004-0623
Removed by vendor...
Sun Solaris patches may cause passwords to be logged in clear text
Overview Sun Solaris contains a vulnerability in which systems configured as kerberos clients that have specific patches installed may log passwords in clear text. Description Sun Microsystems released patches 112908-12 and 115168-03 to address issues in kerberos. There is a vulnerability in thes...
Asterisk PBX 0.7.x - Multiple Logging Format String Vulnerabilities
source: https://www.securityfocus.com/bid/10569/info It is reported that Asterisk is susceptible to format string vulnerabilities in its logging functions. An attacker may use these vulnerabilities to corrupt memory, and read or write arbitrary memory. Remote code execution is likely possible. Du...
Problem With IP Logging In Invision Power Board?
IPB like many other forum systems logs visitors IP's However I have noticed in the past that people who are surfing through some proxies have their internal private IP logged instead of their "real" IP Address. Here are a few screenshots I took of my LAN IP being logged instead of my internet IP...
CVE-2004-0513
Unspecified vulnerability in Mac OS X before 10.3.4 has unknown impact and attack vectors related to "logging when tracing system calls."...
Invision Power Board (IP.Board) 1.3.1 - Design Error
Invision Power Board IP.Board 1.3.1 - Design Error IP.Board Design Error Vendor: Invision Power Services Product: IP.Board Version: = 1.3.1 Website: http://www.invisionpower.com/ BID: 10559 Description: Invision Power Board IPB is a professional forum system that has been built from the ground up...
Remote Format String Vulnerabilities in eXtremail
Package: eXtremail Auth: http://www.extremail.com/ Versions: 1.5.9 current release Vulnerability: Format String What’s eXtremail: eXtremail is a Unix mail server that supports SMTP/POP3/IMAP protocols. It includes support for virtual domains, spoofing attack ,SSL connection and Antivirus checking...
Macromedia ColdFusion MX 6.0 - Oversized Error Message Denial of Service
Macromedia ColdFusion MX 6.0 - Oversized Error Message Denial of Service source: https://www.securityfocus.com/bid/10163/info A denial of service vulnerability has been reported in Macromedia ColdFusion MX that is reported to occur when the software attempts to write oversized error messages. The...
Macromedia ColdFusion MX 6.0 - Oversized Error Message Denial of Service
source: https://www.securityfocus.com/bid/10163/info A denial of service vulnerability has been reported in Macromedia ColdFusion MX that is reported to occur when the software attempts to write oversized error messages. These error messages will be logged by the server but may also be written in...
ssmtp format string bug
Format string bug in logging...
Sun Solaris SSH Daemon fails to properly log client IP addresses
Overview The Sun Solaris Secure Shell Daemon sshd may incorrectly log client IP addresses. Description SSH is a program used to provide secure connection and communications between client and servers. Upon connecting to the service, the client's IP address is logged. There is a vulnerability in t...
CVE-2004-1357
The Secure Shell SSH Daemon SSHD in Sun Solaris 9 does not properly log IP addresses when SSHD is configured with the ListenAddress as 0.0.0.0, which makes it easier for remote attackers to hide the source of their activities...
Format string bug in IGI 2: Covert Strike 1.3
Luigi Auriemma Application: IGI 2: Covert Strike http://www.igi2-game.com Versions: = 1.3 Platforms: Windows, Linux Bug: format string bug Risk: high Exploitation: remote, versus server Date: 05 Apr 2004 Author: Luigi Auriemma e-mail: [email protected] web: http://aluigi.altervista.org 1...
Multiple IRIX ftpd DoS
DoS, logging bypass...
Buffer overflow in PicoPhone 1.63
Luigi Auriemma Application: Picophone http://www.vitez.it/picophone/ Versions: = 1.63 Platforms: Windows Bug: buffer overflow in the logging function Risk: high Exploitation: remote Date: 24 Mar 2004 Author: Luigi Auriemma e-mail: [email protected] web: http://aluigi.altervista.org 1...
PicoPhone buffer overflow
Buffer overflow during logging...
CVE-2004-0168
Unknown vulnerability in CoreFoundation for Mac OS X 10.3.2, related to "notification logging."...