CVE-2002-0176

CVE-2002-0176 concerns the printf wrappers in libsafe, affected in versions 2.0-11 and earlier. The vulnerability arises because the wrappers do not properly handle argument indexing specifiers, allowing certain calls to proceed with unverified arguments. Mandrake’s MDKSA-2002:026 notes that form...

CVE-2002-0176

The printf wrappers in libsafe 2.0-11 and earlier do not properly handle argument indexing specifiers, which could allow attackers to exploit certain function calls through arguments that are not verified by libsafe...

[SECURITY] [DSA 107-1] New jgroff packages fix printf format problem

-------------------------------------------------------------------------- Debian Security Advisory DSA 107-1 [email protected] http://www.debian.org/security/ Martin Schulze January 30th, 2002 - -------------------------------------------------------------------------- Package : jgroff...

[SECURITY] [DSA-072-1] groff printf format problem

Package : groff Problem type : printf format attack Debian-specific: no Zenith Parse found a security problem in groff the GNU version of troff. The pic command was vulnerable to a printf format attack which made it possible to circumvent the -S option and execute arbitrary code. This has been...

[SECURITY] [DSA-066-1] cfingerd remote exploit

Package : cfingerd Problem type : remote exploit Debian-specific: no Steven van Acker reported on bugtraq that the version of cfingerd a configurable finger daemon as distributed in Debian GNU/Linux 2.2 suffers from two problems: 1. The code that reads configuration files files in which $ command...

[SECURITY] [DSA-061-1] multiple gnupg problems

Package : gnupg Problem type : printf format attack web of trust pollution Debian-specific: no The version of GnuPG GNU Privacy Guard, an OpenPGP implementation as distributed in Debian GNU/Linux 2.2 suffers from two problems: fish stiqz reported on bugtraq that there was a printf format problem ...

[SECURITY] [DSA-058-1] exim printf format attack

Package : exim Problem type : remote printf format attack Debian-specific: no Megyer Laszlo found a printf format bug in the exim mail transfer agent. The code that checks the header syntax of an email logs an error without protecting itself against printf format attacks. This problem has been...

[SECURITY] [DSA-055-1] gftp remote exploit

Package : gftp Problem type : printf format attack Debian-specific: no The gftp package as distributed with Debian GNU/Linux 2.2 has a problem in its logging code: it logged data received from the network but it did not protect itself from printf format attacks. An attacker can use this by making...