3203 matches found
CVE-2000-0901
The vulnerability CVE-2000-0901 affects the screen program (versions 3.9.5 and earlier). It stems from a format string vulnerability in the vbell_msg initialization, enabling local users to gain root privileges. Exploitation details are not provided in the supplied documents, and a remediation/pa...
CVE-2000-1010
Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters...
CVE-2000-0996
CVE-2000-0996: A format-string vulnerability in the OpenBSD su utility (and possibly other BSD-based OSes) allows a local attacker to gain root privileges via a malformed shell. The issue is described in the NVD entry with a CVSS v2 base score of 7.2 (HIGH) and LOCAL, LOW–complexity conditions, e...
CVE-2000-1000
Format string vulnerability in AOL Instant Messenger AIM 4.1.2010 allows remote attackers to cause a denial of service and possibly execute arbitrary commands by transferring a file whose name includes format characters...
CVE-2000-1040
Format string vulnerability in logging function of ypbind 3.3, while running in debug mode, leaks file descriptors and allows an attacker to cause a denial of service...
CVE-2000-1014
Format string vulnerability in the search97.cgi CGI script in SCO help http server for Unixware 7 allows remote attackers to execute arbitrary commands via format characters in the queryText parameter...
Icecast 1.3.7/1.3.8 - 'print_client()' Format String
// source: https://www.securityfocus.com/bid/2264/info Versions of icecast up to and including 1.3.8 beta2 exhibit a format string vulnerability in the printclientfunction of utility.c. A malicious user can cause the printf function to overwrite memory at possibly arbitrary addresses. Exploits...
Icecast 1.3.71.3.8 - print_client() Format String
Icecast 1.3.71.3.8 - printclient Format String // source: https://www.securityfocus.com/bid/2264/info Versions of icecast up to and including 1.3.8 beta2 exhibit a format string vulnerability in the printclientfunction of utility.c. A malicious user can cause the printf function to overwrite memo...
Debian 2.2 - splitvt Format String
Debian 2.2 - splitvt Format String // source: https://www.securityfocus.com/bid/2210/info splitvt is a VT100 window splitter, designed to allow the user two command line interfaces in one terminal window, originally written by Sam Lantinga. It is freely available, open source, and included with...
CVE-2000-0901
Format string vulnerability in screen 3.9.5 and earlier allows local users to gain root privileges via format characters in the vbellmsg initialization variable...
CVE-2000-0993
Format string vulnerability in pwerror function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd...
CVE-2000-0950
Format string vulnerability in x-gw in TIS Firewall Toolkit FWTK allows local users to execute arbitrary commands via a malformed display name...
CVE-2000-0918
Format string vulnerability in kvt in KDE 1.1.2 may allow local users to execute arbitrary commands via a DISPLAY environmental variable that contains formatting characters...
CVE-2000-0996
Format string vulnerability in OpenBSD su program and possibly other BSD-based operating systems allows local attackers to gain root privileges via a malformed shell...
CVE-2000-0947
Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command...
CVE-2000-0917
Format string vulnerability in usesyslog function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands...
CVE-2000-0995
Format string vulnerability in OpenBSD yppasswd program and possibly other BSD-based operating systems allows attackers to gain root privileges a malformed name...
CVE-2000-0994
Format string vulnerability in OpenBSD fstat program and possibly other BSD-based operating systems allows local users to gain root privileges via the PWD environmental variable...
CVE-2000-1043
Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog function...
CVE-2000-1010
Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters...