147 matches found
Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50400)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...
EUVD-2023-52297
Malicious code in bioql PyPI...
ComSndFTP Server 1.3.7 Beta Denial Of Service
!/usr/bin/perl ComSndFTP Server Remote Format String Denial of Service DoS use strict; use warnings; use IO::Socket; $| = 1; my $host = "192.168.172.136"; my $port = "21""; my $payload = '%s%p%x%d'; print "Connecting... "; my $sock = IO::Socket::INET-new PeerAddr = $host, PeerPort = $port, Proto ...
CVE-2023-48221 wire-avs remote format string vulnerability
wire-avs provides Audio, Visual, and Signaling AVS functionality sure the secure messaging software Wire. Prior to versions 9.2.22 and 9.3.5, a remote format string vulnerability could potentially allow an attacker to cause a denial of service or possibly execute arbitrary code. The issue has bee...
CVE-2023-48221 wire-avs remote format string vulnerability
wire-avs provides Audio, Visual, and Signaling AVS functionality sure the secure messaging software Wire. Prior to versions 9.2.22 and 9.3.5, a remote format string vulnerability could potentially allow an attacker to cause a denial of service or possibly execute arbitrary code. The issue has bee...
PT-2023-30738 · Wire-Avs · Wire-Avs
Name of the Vulnerable Software and Affected Versions: wire-avs versions prior to 9.2.22 wire-avs versions prior to 9.3.5 Description: A remote format string issue could potentially allow an attacker to cause a denial of service or possibly execute arbitrary code. Recommendations: For versions...
GHSA-2J6V-XPF3-XVRV Use of Externally-Controlled Format String in wire-avs
Impact A remote format string vulnerability allowed an attacker to cause a denial of service or possibly execute arbitrary code. Patches The issue has been fixed in wire-avs 7.1.12 and is already included on all Wire products currently used version is 8.0.x Workarounds No workaround known...
Axis Communications MPQTPACS 5.20.x - Server-Side Include Daemon Remote Format String
Axis Communications MPQTPACS 5.20.x - Server-Side Include Daemon Remote Format String !/usr/bin/env python2.7 SOF Remote Format String Exploit Axis Communications MPQT/PACS Server Side Include SSI Daemon Research and development by bashis 2016 This format string vulnerability has following...
PHP Remote Formatting String Vulnerability
PHP is an open source general-purpose computer scripting language. A remote format string vulnerability exists in PHP that can be exploited by a remote attacker to crash an application or execute arbitrary code by submitting a special request. A remote attacker could exploit the vulnerability to...
GNU Mailutils imap4d 0.6 - Remote Format String Exploit (exec-shield)
No description provided by source. / Fedora Core 6 exec-shield based GNU imap4d mailutils-0.6 search remote format string exploit by Xpl017Elz Advanced exploitation in exec-shield Fedora Core case study URL: http://x82.inetcop.org/h0me/papers/FCexploit/FCexploit.txt Reference:...
WarFTP Daemon 1.82 RC 11 Remote Format String Vulnerability
No description provided by source. Exploit Title: War FTP Daemon Remote Format String Vulnerability crash: http://img826.imageshack.us/img826/6222/69004160.png Date: 2012-08-30 Author: coolkaveh [email protected] https://twitter.com/coolkaveh Vendor Homepage: http://www.warftp.org Version:...
GNU Mailutils imap4d 0.5 < 0.6.90 Remote Format String Exploit
No description provided by source. / gun-imapd.c gnu mailutils-0.5 - mailutils-0.6.90 remote formatstring exploit written and tested on FC3. this is a first testing version and the onlyone to go public. by [email protected] / include stdio.h include string.h include unistd.h include stdlib.h...
Xine 0.9/1.0 Playlist Handling Remote Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17579/info The xine package is reported prone to a remote format-string vulnerability. This issue arises when the application handles specially crafted playlist files. An attacker can exploit this vulnerability by craftin...
Vinagre < 2.24.2 show_error() Remote Format String PoC
No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Vinagre showerror format string vulnerability 1. Advisory Information Title: Vinagre showerror format string vulnerability Advisory...
Xine 0.99.4 M3U Remote Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/22252/info The 'xine' program is prone to a remote format-string vulnerability because the application fails to properly sanitize user-supplied input before including it in the format-specifier argument of a...
SonicWALL Global VPN Client 4.0.782 Remote Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26689/info SonicWALL Global VPN Client is prone to a remote format-string vulnerability because it fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function...
Epic Games Unreal Tournament Server 436.0 Engine Remote Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9840/info A format string vulnerability has been reported to exists in the Unreal Tournament server engine. This issue is due to a failure of the server application to properly sanitize user supplied network data...
Courier-IMAP <= 3.0.2-r1 auth_debug() Remote Format String Exploit
No description provided by source. / courier-imap = 3.0.2-r1 Remote Format String Vulnerability exploit Author: ktha at hush dot com Tested on FreeBSD 4.10-RELEASE with courier-imap-3.0.2 Special thanks goes to andrewg for providing the FreeBSD box. Greetings: all the guys from irc pulltheplug co...
NSI Rwhoisd 1.5 - Remote Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3474/info Rwhoisd is a publicly available RWHOIS server daemon for Unix based systems developed and maintained by Network Solutions Inc. Rwhoisd contains a remotely exploitable format string vulnerability. It is possible ...
SurgeMail and WebMail <= 3.0 - 'Page' Command Remote Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27990/info SurgeMail and WebMail are prone to a remote format-string vulnerability because the applications fail to properly sanitize user-supplied input before including it in the format-specifier argument of a...