Lucene search
K

3209 matches found

NVD
NVD
added 2001/03/26 5:0 a.m.26 views

CVE-2001-0187

Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment...

10CVSS7.4AI score0.05669EPSS
Exploits1References5
securityvulns
securityvulns
added 2001/03/26 12:0 a.m.42 views

Дырка в CGI pwc (format string bug)

Ошибка форматной строки при работе с syslog...

0.9AI score
Exploits0References1
Cvelist
Cvelist
added 2001/03/09 5:0 a.m.29 views

CVE-2001-0181

Format string vulnerability in the error logging code of DHCP server and client in Caldera Linux allows remote attackers to execute arbitrary commands...

7.5AI score0.05204EPSS
Exploits0References3
Debian
Debian
added 2001/02/08 11:38 p.m.12 views

[SECURITY] [DSA 028-1] New man-db packages released

---------------------------------------------------------------------------- Debian Security Advisory DSA-028-1 [email protected] http://www.debian.org/security/ Martin Schulze February 9, 2001 - ---------------------------------------------------------------------------- Package : man-db...

5.5AI score
Exploits0
Cvelist
Cvelist
added 2001/02/02 5:0 a.m.19 views

CVE-2001-0032

Format string vulnerability in ssldump possibly allows remote attackers to cause a denial of service and possibly gain root privileges via malicious format string specifiers in a URL...

7AI score0.04349EPSS
Exploits1References3
securityvulns
securityvulns
added 2001/02/01 12:0 a.m.28 views

SuSe / Debian man package format string vulnerability

Hi, This issue has been discussed in vuln-dev 2001-01-26, see: http://www.securityfocus.com/templates/archive.pike?end=2001-01-27&tid=15872 4&fromthread=0&start=2001-01-21&threads=1&list=82& Posted also on suse security list, and aparently overlooked. The man package that ships with SuSe Linux at...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2001/02/01 12:0 a.m.28 views

Дырка в man (linux)

Ошиюка форматной строки при разборе агрументов...

0.6AI score
Exploits0References1
Exploit DB
Exploit DB
added 2001/01/23 12:0 a.m.45 views

WU-FTPD 2.4.2/2.5/2.6 - Debug Mode Client Hostname Format String

source: https://www.securityfocus.com/bid/2296/info Wu-ftpd is a widely used unix ftp server. It contains a format string vulnerability that may be exploitable under certain perhaps 'extreme' circumstances. When running in debug mode, Wu-ftpd logs user activity to syslog in an insecure manner. An...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.15 views

CVE-2000-0901

Format string vulnerability in screen 3.9.5 and earlier allows local users to gain root privileges via format characters in the vbellmsg initialization variable...

6.6AI score0.0097EPSS
Exploits1References8
CVE
CVE
added 2001/01/22 5:0 a.m.53 views

CVE-2000-1000

Summary: CVE-2000-1000 is a format-string vulnerability in AOL Instant Messenger (AIM) 4.1 and earlier. The issue arises when transferring a file whose name contains format specifiers, which can cause a denial of service and may allow arbitrary command execution. Root cause: format-string handlin...

5CVSS7.7AI score0.02209EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2001/01/22 5:0 a.m.58 views

CVE-2000-1044

CVE-2000-1044 concerns a format-string vulnerability in ypbind-mt on SuSE Linux (notably SuSE-6.2) that could allow an attacker to gain root privileges. The vulnerability arises in the handling of format strings in the affected component; no exploitation details are provided in the available docu...

10CVSS6.8AI score0.02449EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.31 views

CVE-2000-0993

Format string vulnerability in pwerror function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd...

6.9AI score0.01671EPSS
Exploits1References6
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.28 views

CVE-2000-1040

Format string vulnerability in logging function of ypbind 3.3, while running in debug mode, leaks file descriptors and allows an attacker to cause a denial of service...

6.4AI score0.02516EPSS
Exploits0References9
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.26 views

CVE-2000-1043

Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog function...

6.8AI score0.01826EPSS
Exploits0References2
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.41 views

CVE-2000-0917

Format string vulnerability in usesyslog function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands...

7.3AI score0.78658EPSS
Exploits4References7
CVE
CVE
added 2001/01/22 5:0 a.m.57 views

CVE-2000-0993

The CVE-2000-0993 entry describes a format-string vulnerability in the OpenBSD/libutil pw_error(3) function that, when invoked by setuid programs such as chpass, could let a local user gain superuser access. Public details indicate OpenBSD fixed the issue in 2000 within the affected libutil code,...

7.2CVSS6.9AI score0.01671EPSS
Exploits1References6Affected Software3
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.22 views

CVE-2000-0996

Format string vulnerability in OpenBSD su program and possibly other BSD-based operating systems allows local attackers to gain root privileges via a malformed shell...

6.7AI score0.00537EPSS
Exploits0References3
CVE
CVE
added 2001/01/22 5:0 a.m.46 views

CVE-2000-1043

CVE-2000-1043 describes a format-string vulnerability in the ypserv component (and related ypbind behavior) affecting Mandrake Linux 7.1 and earlier, with potential impact on other Linux systems. The underlying issue is a format-string bug that can allow an attacker to gain root privileges when y...

10CVSS6.8AI score0.01826EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2001/01/22 5:0 a.m.48 views

CVE-2000-1004

CVE-2000-1004 documents a format string vulnerability in OpenBSD photurisd. The issue allows local users to execute arbitrary commands via a configuration-file directory name that contains formatting characters. Affected component: photurisd in OpenBSD (specific version details not provided in th...

4.6CVSS7.5AI score0.00356EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2001/01/22 5:0 a.m.55 views

CVE-2000-0995

CVE-2000-0995 describes a format-string vulnerability in the OpenBSD yp_passwd utility (and possibly other BSD-based OSes) that can allow an attacker to gain root privileges via a malformed name. The initial description states the vulnerability and impact; a patch is referenced (028_format_string...

7.2CVSS7.2AI score0.00573EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder