Midnight Commander buffer overflows, format string bugs, and insecure temporary file handling

Jakub Jelinek reports several security related bugs in Midnight Commander, including: Multiple buffer overflows CVE-2004-0226 Insecure temporary file handling CVE-2004-0231 Format string bug CVE-2004-0232...

eXtermail format string bug

Format string bug in POP3/SMTP commands...

ssmtp format string bug

Format string bug in logging...

Format string bug in IGI 2: Covert Strike 1.3

Luigi Auriemma Application: IGI 2: Covert Strike http://www.igi2-game.com Versions: = 1.3 Platforms: Windows, Linux Bug: format string bug Risk: high Exploitation: remote, versus server Date: 05 Apr 2004 Author: Luigi Auriemma e-mail: [email protected] web: http://aluigi.altervista.org 1...

Buffer overflows and format string bugs in Emil

Ulf Härnhammar reports multiple buffer overflows in Emil, some of which are triggered during the parsing of attachment filenames. In addition, some format string bugs are present in the error reporting code. Depending upon local configuration, these vulnerabilities may be exploited using speciall...

Format string bug in EpicGames Unreal engine

Luigi Auriemma Application: Unreal engine http://unreal.epicgames.com Games: - America's Army - DeusEx - Devastation - Magic Battlegrounds - Mobile Forces - Nerf Arena Blast - Postal 2 - Rainbow Six: Raven Shield - Rune - Sephiroth: 3rd episode the Crusade - Star Trek: Klingon Honor Guard -...

[SECURITY] [DSA 449-1] New metamail packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 449-1 [email protected] http://www.debian.org/security/ Martin Schulze February 24th, 2004 http://www.debian.org/security/faq -...

DreamFTP formatstring bug

Format string bug in username...

UnrealIRCd format string bug

If NOIDENTCHECKING is defined during compilation format string bug is possible in username...

AIX enq format string bug

Format string bug during arguments parsing...

HP-UX B11.11 - usrbinct Format String Privilege Escalation

HP-UX B11.11 - usrbinct Format String Privilege Escalation / File : xhp-ux11inlsct.c Usage : cc xhp-ux11inlsct.c -o xct ; ./xct Purpose : Get a local rootshell from /usr/bin/ct,using HP-UX location language format string bug. Author : watercloud xfocus org Tested : On HP-UX B11.11 . / include...

GnuPG HKP interface format string bug

Format string bug during keys retrieval from server...

HP-UX libc format string bug

Format string bugs in nls functions...

clamav format string bug

Format string bug in e-mail address during syslog call...

[Full-Disclosure] Sylpheed-claws format string bug, yet still sylpheed much better than windows

Georgi Guninski security advisory 61, 2003 Sylpheed-claws format string bug, yet still sylpheed much better than windows Systems affected: Sylpheed-claws 0.9.6 - 0.9.4 Fixed in CVS Risk: Medium Date: 22 October 2003 Legal Notice: This Advisory is Copyright c 2003 Georgi Guninski. You may distribu...

Sylpheed-claws format string bug

Format string bug in SMTP client code...

Dropbear SSH Server format string bug

Format string bug on syslog call;...

MacOS X privilege escalation

Network traffic sniffing via IPNetMonitorX, format string bug in PNetSentryX...

Crob FTP server format string bug

Multiple FTP commands format string bug...

[Full-Disclosure] formatstring bug in Compaq HTTP Servers

Hi there There is a formatstring bug in Compaq HTTP Servers. in !.DebugSearchPaths?Url= requests The HTTP server runs with LocalSystem account. Versions: All versions i have tested had this formatstring bug. To be shure that it wasn't allready fixed, i downloaded this new version.. Insight...