Debian DSA-726-1 : oops - format string vulnerability

A format string vulnerability has been discovered in the MySQL/PgSQL authentication module of Oops, a caching HTTP proxy server written for performance. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security...

[SECURITY] [DSA 726-1] New oops packages fix format string vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 726-1 [email protected] http://www.debian.org/security/ Martin Schulze May 20th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 726-1] New oops packages fix format string vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 726-1 [email protected] http://www.debian.org/security/ Martin Schulze May 20th, 2005 http://www.debian.org/security/faq -...

DSA-726-1 oops - format string vulnerability

Bulletin has no description...

Fedora Core 2 : kernel-2.6.10-1.771_FC2 (2005-262)

Sun Mar 27 2005 Dave Jones - Catch up with all recent security issues. - CVE-2005-0210 : dst leak - CVE-2005-0384 : ppp dos - CVE-2005-0531 : Sign handling issues. - CVE-2005-0400 : EXT2 information leak. - CVE-2005-0449 : Remote oops. - CVE-2005-0736 : Epoll overflow - CVE-2005-0749 : ELF loader...

GLSA-200505-02 : Oops!: Remote code execution

The remote host is affected by the vulnerability described in GLSA-200505-02 Oops!: Remote code execution A format string flaw has been detected in the myxlog function of the Oops! proxy, which is called by the passwdmysql and passwdpgsql module's auth functions. Impact : A remote attacker could...

[Full-disclosure] [ GLSA 200505-02 ] Oops!: Remote code execution

Gentoo Linux Security Advisory GLSA 200505-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

Oops!: Remote code execution

Background Oops! is an advanced, multithreaded caching web proxy. Description A format string flaw has been detected in the myxlog function of the Oops! proxy, which is called by the passwdmysql and passwdpgsql module's auth functions. Impact A remote attacker could send a specially crafted HTTP...

CVE-2005-1121

Format string vulnerability in the myxlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth functions in the passwdmysql and passwdpgsql modules, may allow attackers to execute arbitrary code via a URL...

CVE-2005-1121

CVE-2005-1121 affects Oops! Proxy Server up to version 1.5.23. A format string vulnerability in the my_xlog function (lib.c), triggered via the passwd_mysql and passwd_pgsql authentication modules, may allow an attacker to execute arbitrary code remotely by crafting a URL. The CVSS v2 base score ...

CVE-2005-1121

Format string vulnerability in the myxlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth functions in the passwdmysql and passwdpgsql modules, may allow attackers to execute arbitrary code via a URL...

oops -- format string vulnerability

A RST/GHC Advisory reports that there is an format string vulnerability in oops. The vulnerability can be found in the MySQL/PgSQL authentication module. Succesful exploitation may allow execution of arbitrary code...

security flaw

The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service kernel oops via a malformed a.out binary...

CVE-2003-1288

Multiple race conditions in Linux-VServer 1.22 with Linux kernel 2.4.23 and SMP allow local users to cause a denial of service kernel oops via unknown attack vectors related to the 1 sinfo and 2 ipinfo data structures and the a forgetoriginalparent, b goodness, c schedule, d updateprocesstimes, a...

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages that address several security vulnerabilites are now available for the IA64 architecture. Updated 28 August 2003 Changed the CVE name listed in description from the incorrect CAN-2002-0247 to CAN-2003-0247 The Linux kernel handles the basic functions of the operating syste...

[SECURITY] [DSA-358-2] New kernel packages fix potential "oops"

-------------------------------------------------------------------------- Debian Security Advisory DSA 358-2 [email protected] http://www.debian.org/security/ Matt Zimmerman August 5th, 2003 http://www.debian.org/security/faq -...

[SECURITY] [DSA-358-3] New kernel packages fix potential "oops"

-------------------------------------------------------------------------- Debian Security Advisory DSA 358-3 [email protected] http://www.debian.org/security/ Matt Zimmerman August 4th, 2003 http://www.debian.org/security/faq -...

CVE-2001-0028

Buffer overflow in the HTML parsing code in oops WWW proxy server 1.5.2 and earlier allows remote attackers to execute arbitrary commands via a large number of " quotation characters...

CVE-2001-0028

CVE-2001-0028 affects the oops WWW proxy server, version 1.5.2 and earlier, where a buffer overflow in the HTML parsing code can be triggered by a large number of " characters. The vulnerability allows remote attackers to execute arbitrary commands. The initial description does not specify affect...

CVE-2001-0029

Buffer overflow in oops WWW proxy server 1.4.6 and possibly other versions allows remote attackers to execute arbitrary commands via a long host or domain name that is obtained from a reverse DNS lookup...