
3203 matches found

CVE
added 2002/03/15 5:00 a.m. | 36 views

CVE-2001-1208

CVE-2001-1208 describes a format-string vulnerability in DayDream BBS that allows remote code execution via format specifiers in a file containing a ~#RA control code. The entry lists a base score of 7.5 (HIGH) with network attack vector, low attack complexity, and no authentication required. The...

7.5 CVSS | 8 AI score | 0.02244 EPSS
Exploits 0 | References 1 | Affected Software 1
Cvelist
added 2002/03/15 5:00 a.m. | 19 views

CVE-2001-1208

Format string vulnerability in DayDream BBS allows remote attackers to execute arbitrary code via format string specifiers in a file containing a ~#RA control code...

7.7 AI score | 0.02244 EPSS
Exploits 0 | References 1
FreeBSD Advisory
added 2002/03/12 12:00 a.m. | 12 views

FreeBSD-SA-02:15.cyrus-sasl

FreeBSD-SA-02:15 Security Advisory, FreeBSD, Inc. Topic: cyrus-sasl library contains format string vulnerability. Category: ports. Module: cyrus-sasl. Announced: 2002-03-12. Credits: Kari...

7.5 CVSS | 6.3 AI score | 0.03 EPSS
Exploits 0
CVE
added 2002/03/09 5:00 a.m. | 63 views

CVE-2000-0699

The CVE-2000-0699 entry concerns HP-UX 10.20’s ftpd with a format-string vulnerability in the PASS command. The underlying flaw allows a remote attacker to cause a denial of service or execute arbitrary commands through crafted PASS input, potentially enabling shell access as indicated by Nessus ...

10 CVSS | 7.6 AI score | 0.14259 EPSS
Exploits 0 | References 2 | Affected Software 1
CVE
added 2002/03/09 5:00 a.m. | 54 views

CVE-2001-0740

CVE-2001-0740 affects 3COM OfficeConnect 812/840 ADSL Router with OCR812 router software version 1.1.9 and earlier. The vulnerability is a potential format string flaw triggered by a long string containing many "%s" sequences, which can cause a denial of service via remote access. The connected d...

5 CVSS | 7.1 AI score | 0.04054 EPSS
Exploits 1 | References 5 | Affected Software 2
CVE
added 2002/03/09 5:00 a.m. | 67 views

CVE-2001-0690

CVE-2001-0690 describes a format-string vulnerability in Exim in batched SMTP mode that can let an unauthenticated remote attacker execute arbitrary code via format strings in SMTP headers. The entry specifies affected Exim versions: 3.22-10 (Red Hat), 3.12 (Debian), and 3.16 (Conectiva). Attack ...

7.5 CVSS | 7.5 AI score | 0.11891 EPSS
Exploits 2 | References 6 | Affected Software 2
Cvelist
added 2002/03/09 5:00 a.m. | 29 views

CVE-2001-0522

Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file...

6.3 AI score | 0.13728 EPSS
Exploits 0 | References 14
CVE
added 2002/03/09 5:00 a.m. | 69 views

CVE-2001-0717

CVE-2001-0717 is a format-string vulnerability in the ToolTalk RPC server rpc.ttdbserverd that permits remote command execution via syslog formatting. Public advisories (Sun, HP, IBM, SunOS/Solaris, AIX, SGI/IRIX, Xi Graphics, Caldera) describe vulnerable platforms and vendor patches. CORE/SECURE...

10 CVSS | 7.6 AI score | 0.05714 EPSS
Exploits 0 | References 10 | Affected Software 1
CVE
added 2002/03/09 5:00 a.m. | 103 views

CVE-2001-0522

The CVE-2001-0522 issue concerns GnuPG (GPG) versions 1.0.5 and earlier, where a format-string vulnerability in the do_get/tty_printf flow exposes the original encrypted-file filename to format-string processing. This can allow code execution with the privileges of the user decrypting the file. T...

7.5 CVSS | 6.3 AI score | 0.13728 EPSS
Exploits 0 | References 14 | Affected Software 1
Cvelist
added 2002/03/09 5:00 a.m. | 22 views

CVE-2000-0699

Format string vulnerability in ftpd in HP-UX 10.20 allows remote attackers to cause a denial of service or execute arbitrary commands via format strings in the PASS command...

7.6 AI score | 0.14259 EPSS
Exploits 0 | References 2
Cvelist
added 2002/03/09 5:00 a.m. | 31 views

CVE-2001-0717

Format string vulnerability in ToolTalk database server rpc.ttdbserverd allows remote attackers to execute arbitrary commands via format string specifiers that are passed to the syslog function...

7.6 AI score | 0.05714 EPSS
Exploits 0 | References 10
CVE
added 2002/03/09 5:00 a.m. | 74 views

CVE-2001-0879

CVE-2001-0879 describes a format-string vulnerability in the C runtime functions used by Microsoft SQL Server 7.0 and 2000. The underlying issue is a format string handling flaw in the C runtime, which can allow an attacker to trigger a denial of service. The available connected documents confirm...

5 CVSS | 7 AI score | 0.08089 EPSS
Exploits 0 | References 6 | Affected Software 1
Cvelist
added 2002/03/09 5:00 a.m. | 26 views

CVE-2001-0740

3COM OfficeConnect 812 and 840 ADSL Router 4.2, running OCR812 router software 1.1.9 and earlier, allows remote attackers to cause a denial of service via a long string containing a large number of "%s" strings, possibly triggering a format string vulnerability...

6.7 AI score | 0.04054 EPSS
Exploits 1 | References 5
securityvulns
added 2002/03/05 12:00 a.m. | 32 views

[H20020304]: Remotely exploitable format string vulnerability in ntop

hologram | security | advisory. Advisory ID: H20020304. Software: ntop. Synopsis: Remotely exploitable format string vulnerability in ntop. Vendor: Luca Deri www.ntop.org. Verified: Version 2.0. Author: hologram [email protected] | Overview...

0.1 AI score
Exploits 0
Exploit DB
added 2002/02/07 12:00 a.m. | 29 views

Caldera UnixWare 7.1.1 - Message Catalog Environment Variable Format String

// source: https://www.securityfocus.com/bid/4060/info UnixWare is a commercially available Unix Operating System. It was originally developed by SCO, and is now distributed and maintained by Caldera. A format string vulnerability in the locale subsystem could lead to a user gaining elevated...

7 AI score
Exploits 0
exploitpack
added 2002/02/07 12:00 a.m. | 19 views

Caldera UnixWare 7.1.1 - Message Catalog Environment Variable Format String

Caldera UnixWare 7.1.1 - Message Catalog Environment Variable Format String // source: https://www.securityfocus.com/bid/4060/info UnixWare is a commercially available Unix Operating System. It was originally developed by SCO, and is now distributed and maintained by Caldera. A format string...

0.7 AI score
Exploits 0
CVE
added 2002/02/02 5:00 a.m. | 48 views

CVE-2001-1078

CVE-2001-1078 affects eXtremail 1.1.9 and earlier. The vulnerability is a format-string issue in the flog function that can be exploited remotely to gain root privileges by supplying format specifiers through SMTP commands (HELO, EHLO, MAIL FROM, RCPT TO) and via POP3 commands after authenticatio...

10 CVSS | 7.1 AI score | 0.05444 EPSS
Exploits 1 | References 5 | Affected Software 1
Cvelist
added 2002/02/02 5:00 a.m. | 30 views

CVE-2001-1034

Format string vulnerability in Hylafax on FreeBSD allows local users to execute arbitrary code via format specifiers in the -h hostname argument for (1) faxrm or (2) faxalter...

7 AI score | 0.0047 EPSS
Exploits 0 | References 3
Cvelist
added 2002/02/02 5:00 a.m. | 24 views

CVE-2001-0915

Format string vulnerability in Berkeley parallel make (pmake) 2.1.33 and earlier allows a local user to gain root privileges via format specifiers in the check argument of a shell definition...

6.6 AI score | 0.00698 EPSS
Exploits 0 | References 3
CVE
added 2002/02/02 5:00 a.m. | 60 views

CVE-2001-1034

CVE-2001-1034 describes format-string vulnerabilities in HylaFAX. HylaFAX components affected include faxrm, faxalter, faxgetty, faxwatch, and hfaxd; the root cause is unchecked input used as a format string, enabling local privilege escalation or denial of service in some configurations. Debian ...

7.2 CVSS | 7 AI score | 0.0047 EPSS
Exploits 0 | References 3 | Affected Software 1