3203 matches found
CVE-2001-0915
Format string vulnerability in Berkeley parallel make pmake 2.1.33 and earlier allows a local user to gain root privileges via format specifiers in the check argument of a shell definition...
CVE-2001-1129
Format string vulnerabilities in 1 probuild, 2 dbutil, 3 mprosrv, 4 mprshut, 5 proapsv, 6 progres, 7 proutil, 8 rfutil and 9 prolib in Progress database 9.1C allows a local user to execute arbitrary code via format string specifiers in the file used by the PROMSGS environment variable...
NSI RWhoisd contains format string vulnerability in print_error()
Overview A remotely exploitable format string vulnerability exists in the Referral Whois server daemon RWhoisd. Description As the Internet has grown, the centralized whois database was not able to scale. In order to deal with scaling the whois system, Referral Whois was developed. Referral Whois...
[SECURITY] [DSA 085-1] New nvi packages fix format string vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 085-1 [email protected] http://www.debian.org/security/ Martin Schulze October 20th, 2001 -...
[SECURITY] [DSA 085-1] New nvi packages fix format string vulnerability
-------------------------------------------------------------------------- Debian Security Advisory DSA 085-1 [email protected] http://www.debian.org/security/ Martin Schulze October 20th, 2001 - -------------------------------------------------------------------------- Package : nvi, nvi-m17n...
CVE-2001-0740
3COM OfficeConnect 812 and 840 ADSL Router 4.2, running OCR812 router software 1.1.9 and earlier, allows remote attackers to cause a denial of service via a long string containing a large number of "%s" strings, possibly triggering a format string vulnerability...
CVE-2001-0789
Format string vulnerability in avpkeeper in Kaspersky KAV 3.5.135.2 for Sendmail allows remote attackers to cause a denial of service or possibly execute arbitrary code via a malformed mail message...
Common Desktop Environment (CDE) ToolTalk RPC Server rpc.ttdbserverd contains format string vulnerability
Overview A vulnerability exists in CDE ToolTalk that may allow a remote attacker to execute arbitrary code with root privileges. Description Internet Security Systems ISS X-Force has discovered a format string vulnerability in the Common Desktop Environment CDE ToolTalk Remote Procedure Call RPC...
DEBIAN-CVE-2001-1034
Format string vulnerability in Hylafax on FreeBSD allows local users to execute arbitrary code via format specifiers in the -h hostname argument for 1 faxrm or 2 faxalter...
CVE-2001-1034
Format string vulnerability in Hylafax on FreeBSD allows local users to execute arbitrary code via format specifiers in the -h hostname argument for 1 faxrm or 2 faxalter...
CVE-2001-0690
Format string vulnerability in exim 3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers...
CVE-2001-0489
The CVE-2001-0489 entry concerns gftp before version 2.0.8, where a printf/format string vulnerability in the logging of network data allows a remote FTP server to cause arbitrary commands to be executed. Affected component is the gftp client; root cause is unsafe handling of data received from t...
CVE-2001-0473
Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands...
CVE-2001-0387
CVE-2001-0387 is a format-string vulnerability in HylaFAX’s hfaxd that allows local users to gain privileges via the -q command-line argument in versions prior to 4.1.b2_2. The issue is documented across multiple sources (NVD, CVE list, Debian/DSA and Mandrake advisory). Exploitation would enable...
CVE-2001-0155
Format string vulnerability in VShell SSH gateway 1.0.1 and earlier allows remote attackers to execute arbitrary commands via a user name that contains format string specifiers...
CVE-2001-0387
Format string vulnerability in hfaxd in HylaFAX before 4.1.b22 allows local users to gain privileges via the -q command line argument...
CVE-1999-1417
The CVE-1999-1417 entry documents a format string vulnerability in AnswerBook2 (AB2) web server dwhttpd 3.1a4. The issue arises in the web server’s handling of HTTP requests containing encoded percent characters, which are logged improperly. This can lead to a denial of service and, in some cases...
CVE-2001-0522
Format string vulnerability in Gnu Privacy Guard aka GnuPG or gpg 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file...
CVE-2001-0609
Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to gain additional privileges via a malformed ident reply that is passed to the syslog function...
CVE-2001-0609
Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to gain additional privileges via a malformed ident reply that is passed to the syslog function...