Lucene search
K

3203 matches found

CERT
CERT
added 2002/06/04 12:0 a.m.24 views

Oracle Application Server contains format string vulnerability

Overview The CERT/CC is aware of a report about a "remotely exploitable format string vulnerability in Oracle Application Server" that could allow an unauthenticated, remote attacker to execute arbitrary code on a vulnerable system. Description Oracle Application Server uses the Apache HTTP Serve...

8AI score
Exploits0References3
CERT
CERT
added 2002/06/04 12:0 a.m.32 views

Oracle TNS Listener Control Utility (LSNRCTL) contains format string vulnerability

Overview The Oracle Listener Control Utility LSNRCTL contains a format string vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code or commands or cause a denial of service. Description Oracle Transparent Network Substrate TNS Listeners are processes that...

7.5CVSS7.7AI score0.13789EPSS
Exploits0References7
NVD
NVD
added 2002/05/29 4:0 a.m.21 views

CVE-2002-0374

Format string vulnerability in the logging function for the pamldap PAM LDAP module before version 144 allows attackers to execute arbitrary code via format strings in the configuration file name...

7.5CVSS7.5AI score0.03844EPSS
Exploits0References10
NVD
NVD
added 2002/05/29 4:0 a.m.12 views

CVE-2002-0246

Format string vulnerability in the message catalog library functions in UnixWare 7.1.1 allows local users to gain privileges by modifying the LCMESSAGE environment variable to read other message catalogs containing format strings from setuid programs such as vxprint...

7.2CVSS6.4AI score0.00975EPSS
Exploits1References4
securityvulns
securityvulns
added 2002/05/25 12:0 a.m.31 views

Buffer overflow in PGP Public Key Server

Buffer overflow on long search string...

3.4AI score
Exploits0References1Affected Software1
exploitpack
exploitpack
added 2002/05/24 12:0 a.m.16 views

MIT PGP Public Key Server 0.9.20.9.4 - Search String Remote Buffer Overflow

MIT PGP Public Key Server 0.9.20.9.4 - Search String Remote Buffer Overflow source: https://www.securityfocus.com/bid/4828/info The PGP Public Key Server is a freely available, open source software package distributed by MIT. It is designed for use on Linux and Unix operating systems. The PGP...

0.3AI score
Exploits0
NVD
NVD
added 2002/05/16 4:0 a.m.12 views

CVE-2002-0218

Format string vulnerability in 1 sastcpd in SAS/Base 8.0 and 8.1 or 2 objspawn in SAS/Integration Technologies 8.0 and 8.1 allows local users to execute arbitrary code via format specifiers in a command line argument...

7.2CVSS7.3AI score0.00428EPSS
Exploits0References6
securityvulns
securityvulns
added 2002/05/10 12:0 a.m.54 views

Advisory CA-2002-12 Format String Vulnerability in ISC DHCPD

CERT Advisory CA-2002-12 Format String Vulnerability in ISC DHCPD Original release date: May 8, 2002 Last revised:-- Source: CERT/CC A complete revision history can be found at the end of this file. Systems Affected ISC DHCPD 3.0 to 3.0.1rc8 inclusive Overview The Internet Software Consortium ISC...

Exploits0
securityvulns
securityvulns
added 2002/05/10 12:0 a.m.25 views

[NGSEC-2002-2] ISC DHCPDv3, remote root compromise

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Next Generation Security Technologies http://www.ngsec.com Security Advisory Title: ISC DHCPDv3, remote root compromise ID: NGSEC-2002-2 Application: ISC DHCPD version 3.0.1rc8 and older http://www.isc.org Date: 05/06/2002 Status: Vendor and CERT...

0.2AI score
Exploits0
CERT
CERT
added 2002/05/08 12:0 a.m.34 views

ISC DHCPD contains format string vulnerability when logging DNS-update requests

Overview The DHCP daemon DHCPD is a server that is used to allocate network addresses and assign configuration parameters to dynamically configured hosts. A format string vulnerability may permit an intruder to execute code with the privileges of the DHCP daemon typically root. Description The...

10CVSS7AI score0.31139EPSS
Exploits0References3
securityvulns
securityvulns
added 2002/05/06 12:0 a.m.21 views

ldap vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --- Blackshell Advisory 5 --- Local Format String Vuln in pamldap and remote in squidauthldap - --- Blackshell Advisory 5 --- - --- Versions Affected --- pamldap: 143 prior vendor status: nil squidauthldap: 2.0 prior vendor status: nil - --- What is...

7.7AI score
Exploits0
Cvelist
Cvelist
added 2002/05/03 4:0 a.m.20 views

CVE-2002-0218

Format string vulnerability in 1 sastcpd in SAS/Base 8.0 and 8.1 or 2 objspawn in SAS/Integration Technologies 8.0 and 8.1 allows local users to execute arbitrary code via format specifiers in a command line argument...

7.3AI score0.00428EPSS
Exploits0References6
CVE
CVE
added 2002/05/03 4:0 a.m.54 views

CVE-2001-1312

The CVE-2001-1312 issue affects Lotus Domino R5 prior to version 5.0.7a, where LDAP handling code contains format string vulnerabilities. Exploitation could cause remote denial of service and, potentially, arbitrary code execution, as demonstrated by the PROTOS LDAPv3 test suite. The CERT advisor...

7.5CVSS7.6AI score0.0448EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2002/05/03 4:0 a.m.47 views

CVE-2002-0218

CVE-2002-0218 describes a format-string vulnerability in SAS software (SAS/Base 8.0/8.1: sastcpd; SAS/Integration Technologies 8.0/8.1: objspawn) that allows a local user to trigger arbitrary code execution via format specifiers supplied in a command-line argument. The root cause is a format-stri...

7.2CVSS7.7AI score0.00428EPSS
Exploits0References6Affected Software2
securityvulns
securityvulns
added 2002/05/03 12:0 a.m.37 views

Advisory CA-2002-10 Format String Vulnerability in rpc.rwalld

CERT Advisory CA-2002-10 Format String Vulnerability in rpc.rwalld Original release date: May 1, 2002 Last revised: -- Source: CERT/CC A complete revision history can be found at the end of this file. Systems Affected Sun Solaris 2.5.1, 2.6, 7, and 8 Overview The rwall daemon rpc.rwalld is a...

0.3AI score
Exploits0
CERT
CERT
added 2002/04/30 12:0 a.m.34 views

rpc.rwalld contains remotely exploitable format string vulnerability

Overview rpc.rwalld is a utility that is used to send a message to all terminals of a time sharing system. A format string vulnerability may permit a remote user to execute code with the privileges of the rwall daemon. Description rpc.rwalld is a utility that listens for remote wall requests. Wal...

7.5CVSS6.3AI score0.09217EPSS
Exploits1References1
CERT
CERT
added 2002/04/05 12:0 a.m.32 views

AOL Instant Messenger vulnerable to denial of service via crafted file name

Overview AOL Instant Messenger AIM 4.1 and prior are vulnerable to a denial of service vulnerability. A denial of service occurs when filenames that contain a "%s" are sent to a victim. Description AOL Instant Messenger AIM is a program for communicating with other users over the Internet. AIM...

5CVSS7.1AI score0.02209EPSS
Exploits0References1
CERT
CERT
added 2002/03/29 12:0 a.m.28 views

GnuPG contains format-string vulnerability in handling of encrypted data filename

Overview Some versions of Gnu Privacy Guard GPG contain a format-string vulnerability from improper handling of filenames when decrypting files. Description GPG is an OpenPGP-compliant alternative to PGP to protect electronic communications using public-key cryptography. Versions of GPG prior to...

7.5CVSS6.9AI score0.13728EPSS
Exploits0References1
securityvulns
securityvulns
added 2002/03/27 12:0 a.m.29 views

Format String Bug in Posadis DNS Server

Date: Mar 27 02 Me: kkr [email protected] Software: Posadis DNS Server http://sourceforge.net/projects/posadis/ Ver: m5pre1 Bug: bad fmt string usage in log function, may lead to remote access Word Life: the warez dude Overview: Posadis dns server is a small dns server without cache or resolving...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2002/03/21 12:0 a.m.21 views

format string vulnerability protection bypass in libsafe

Not all of possible converion flags are processed...

2.7AI score
Exploits0References2Affected Software1
Rows per page
Query Builder