[SECURITY] [DSA 671-1] New xemacs21 packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 671-1 [email protected] http://www.debian.org/security/ Martin Schulze February 8th, 2005 http://www.debian.org/security/faq -...

[Full-Disclosure] DMA[2005-0125a] - 'berlios gpsd format string vulnerability'

DMA2005-0125a - 'berlios gpsd remake of pygps format string vulnerability' Author: Kevin Finisterre Vendor: http://gpsd.berlios.de, http://www.pygps.org Product: 'gpsd' References: http://www.digitalmunition.com/DMA2005-0125a.txt Description: gpsd is a service daemon that monitors a GPS attached ...

[Full-Disclosure] [ GLSA 200411-07 ] Proxytunnel: Format string vulnerability

Gentoo Linux Security Advisory GLSA 200411-07 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

FreeBSD : rssh -- format string vulnerability (166)

The following package needs to be updated: rssh %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg1f82675726be11d9ad2d0050fc56d258.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright 2003-200...

Debian DSA-095-1 : gpm - local root vulnerability

The package 'gpm' contains the gpm-root program, which can be used to create mouse-activated menus on the console. Among other problems, the gpm-root program contains a format string vulnerability, which allows an attacker to gain root privileges. %NASLMINLEVEL 70300 C Tenable Network Security,...

Important: Red Hat Security Advisory: mod_ssl security update

An updated modssl package for Apache that fixes a format string vulnerability is now available. The modssl module provides strong cryptography for the Apache Web server via the Secure Sockets Layer SSL and Transport Layer Security TLS protocols. A format string issue was discovered in modssl for...

GLSA-200407-18 : mod_ssl: Format string vulnerability

The remote host is affected by the vulnerability described in GLSA-200407-18 modssl: Format string vulnerability A bug in sslengineext.c makes modssl vulnerable to a ssllog related format string vulnerability in the modproxy hook functions. Impact : Given the right server configuration, an attack...

mod_NTLM Overflow / Format String

Binary data 1556.prm...

Mandrake Linux Security Advisory : mc (MDKSA-2004:039)

Several vulnerabilities in Midnight Commander were found by Jacub Jelinek. This includes several buffer overflows CVE-2004-0226, as well as a format string issue CVE-2004-0232, and an issue with temporary file and directory creation CVE-2004-0231. Most of the included fixes are backports from CVS...

Mandrake Linux Security Advisory : gftp (MDKSA-2001:044)

A format string vulnerability exists in all versions of gftp prior to version 2.0.8. This vulnerability has been fixed upstream in version 2.0.8. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Mandrake Linux Security...

[Full-Disclosure] [VSA0402] OpenFTPD format string vulnerability

VSA0402 - openftpd - void.at security notice Overview ======== We have discovered a format string vulnerability in openftpd http://www.openftpd.org:9673/openftpd. OpenFTPD is a free, open source FTP server implementation for the UNIX platform. FTP4ALL is not vulnerable it doesnt use that message...

CVE-2004-0733

Format string vulnerability in OllyDbg 1.10 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via format string specifiers that are directly provided to the OutputDebugString function call...

Solaris 2.5.1 (sparc) : 112891-01

SunOS 5.5.1: rpc.rwalld has format string problem. Date this patch was last updated by Sun : Jun/14/02 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if...

smtp.proxy format string bug

syslog sender address format string bug...

[Full-Disclosure] Format String Vulnerability in Tripwire

SUMMARY ------- Tripwiretm is a Security, Intrusion Detection, Damage Assessment and Recovery, Forensics software. A vulnerability in the product allows a user on the local machine under certain circumstances to execute arbitrary code with the rights of the user running the program typically root...

[Full-Disclosure] MDKSA-2004:039 - Updated mc packages fix vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandrakelinux Security Update Advisory Package name: mc Advisory ID: MDKSA-2004:039 Date: April 29th, 2004 Affected versions: 10.0, 9.1, 9.2, Corporate Server 2.1 Problem Description: Several vulnerabilities in Midnight Commander were found by Jacub...

NSTX 1.01.1 - Remote Denial of Service

NSTX 1.01.1 - Remote Denial of Service source: https://www.securityfocus.com/bid/9989/info It has been reported that NSTX is prone to a remote denial of service vulnerability. This issue is due to a failure of the application to handle network strings of excessive length. This issue may allow a...

Mini SQL 1.0/1.3 - Remote Format String

// source: https://www.securityfocus.com/bid/8295/info Mini SQL mSQL has been reported prone to a remotely exploitable format string vulnerability, when handling user-supplied data. Reportedly a remote attacker may send malicious format specifiers to trigger the issue. This vulnerability could...

Multiple bugs in ICQ 2003

Format string bug in integer overflows in POP3 client, multiple DoS conditions...

Security Update: [CSSA-2003-007.0] Linux: Apache mod_dav module format string vulnerability

To: [email protected] [email protected] [email protected] [email protected] SCO Security Advisory Subject: Linux: Apache moddav module format string vulnerability Advisory number: CSSA-2003-007.0 Issue date: 2003 February 17 Cross reference: 1...