477 matches found
RHEL 2.1 / 3 : emacs (RHSA-2005:112)
Updated Emacs packages that fix a string format issue are now available. Emacs is a powerful, customizable, self-documenting, modeless text editor. Max Vozeler discovered several format string vulnerabilities in the movemail utility of Emacs. If a user connects to a malicious POP server, an...
[SECURITY] [DSA 670-1] New emacs20 packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 670-1 [email protected] http://www.debian.org/security/ Martin Schulze February 8th, 2005 http://www.debian.org/security/faq -...
DSA-671-1 xemacs21 - format string
Bulletin has no description...
CVE-2004-1004
Multiple format string vulnerabilities in Midnight Commander mc 4.5.55 and earlier allow remote attackers to have an unknown impact...
CVE-2004-1004
CVE-2004-1004 affects Midnight Commander (mc) up to version 4.5.55 with multiple format string vulnerabilities. The provided connected advisories confirm that various distros release patches (e.g., SUSE SLES9 patch 5011441, Gentoo GLSA 200502-24, Debian DSA 639-1) to fix these issues. The CVE ent...
CVE-2004-1004
Multiple format string vulnerabilities in Midnight Commander mc 4.5.55 and earlier allow remote attackers to have an unknown impact...
Debian DSA-639-1 : mc - several vulnerabilities
Andrew V. Samoilov has noticed that several bugfixes which were applied to the source by upstream developers of mc, the midnight commander, a file browser and manager, were not backported to the current version of mc that Debian ships in their stable release. The Common Vulnerabilities and...
CVE-2004-0451
Multiple format string vulnerabilities in the 1 logquit, 2 logerr, or 3 loginfo functions in Software Upgrade Protocol SUP allows remote attackers to execute arbitrary code via format string specifiers in messages that are logged by syslog...
isc-dhcpd -- format string vulnerabilities
The ISC DHCP programs are vulnerable to several format string vulnerabilities which may allow a remote attacker to execute arbitrary code with the permissions of the DHCP programs, typically root for the DHCP server...
Monolith Lithtech Game Engine - Multiple Remote Format String Vulnerabilities
// source: https://www.securityfocus.com/bid/11610/info Lithtech game engine is prone to multiple remote format-string vulnerabilities because of incorrect usage of 'printf'-type functions. Format specifiers can be supplied directly to vulnerable functions from external data. A denial-of-service...
Speedtouch USB driver: Privilege escalation vulnerability
Background The speedtouch package contains a driver for the ADSL SpeedTouch USB modem. Description The Speedtouch USB driver contains multiple format string vulnerabilities in modemrun, pppoa2 and pppoa3. This flaw is due to an improperly made syslog system call. Impact A malicious local user cou...
GLSA-200411-04 : Speedtouch USB driver: Privilege escalation vulnerability
The remote host is affected by the vulnerability described in GLSA-200411-04 Speedtouch USB driver: Privilege escalation vulnerability The Speedtouch USB driver contains multiple format string vulnerabilities in modemrun, pppoa2 and pppoa3. This flaw is due to an improperly made syslog system cal...
Debian DSA-401-1 : hylafax - format strings
The SuSE Security Team discovered several exploitable formats string vulnerabilities in hylafax, a flexible client/server fax system, which could lead to executing arbitrary code as root on the fax server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package check...
Debian DSA-449-1 : metamail - buffer overflow, format string bugs
Ulf Harnhammar discovered two format string bugs CAN-2004-0104 and two buffer overflow bugs CAN-2004-0105 in metamail, an implementation of MIME. An attacker could create a carefully-crafted mail message which will execute arbitrary code as the victim when it is opened and parsed through metamail...
CVE-2001-1081
Format string vulnerabilities in Livingston/Lucent RADIUS before 2.1.va.1 may allow local or remote attackers to cause a denial of service and possibly execute arbitrary code via format specifiers that are injected into log messages...
GLSA-200405-21 : Midnight Commander: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200405-21 Midnight Commander: Multiple vulnerabilities Numerous security issues have been discovered in Midnight Commander, including several buffer overflow vulnerabilities, multiple vulnerabilities in the handling of temporary...
CVE-2003-1051
CVE-2003-1051 affects IBM DB2 Universal Database 8.1. It describes multiple format-string vulnerabilities that could allow local users to execute arbitrary code via certain command-line arguments to db2start, db2stop, or db2govd. Root cause: format string handling issues in the involved binaries....
CVE-2004-0232
Multiple format string vulnerabilities in Midnight Commander mc before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code...
CVE-2004-0232
Multiple format string vulnerabilities in Midnight Commander mc before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code...
CVE-2004-0232
Multiple format string vulnerabilities in Midnight Commander mc before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code...