1638 matches found
Syslog Server 1.2.3 - Crash PoC
No description provided by source. !/usr/bin/python Exploit Title: Syslog Server 1.2.3 Date: 12th June 2013 Exploit Author: npn Exploit Author Homepage: http://www.iodigitalsec.com/ Vendor Homepage: http://sourceforge.net/users/ghuysmans Software Link:...
Berlios GPSD Format String Vulnerability
No description provided by source. $Id: gpsdformatstring.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...
Check Point FW-1 Syslog Daemon Unfiltered Escape Sequence Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7161/info An issue has been discovered in Check Point FW-1 syslog daemon when attempting to process a malicious, remotely supplied, syslog message. Specifically, some messages containing escape sequences are not properly...
Conectiva 4.x/5.x,Debian 2.x,RedHat 6.x,S.u.S.E 6.x/7.0,Trustix 1.x rpc.statd Remote Format String (2)
No description provided by source. source: http://www.securityfocus.com/bid/1480/info A vulnerability exists in the 'rpc.statd' program, which is part of the 'nfs-utils' package that is shipped with a number of popular Linux distributions. Because of a format-string vulnerability when calling the...
Aanval 7.1 build 70151 - Multiple Vulnerabilities
No description provided by source. ----------- Author: ----------- xistence xistenceat0x90.nl ------------------------- Affected products: ------------------------- Aanval 7.1 build 70151 ------------------------- Affected vendors: ------------------------- Aanval http://www.aanval.com/...
WinSyslog Interactive Syslog Server 4.21/ long Message Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8821/info WinSyslog is prone to a remotely exploitable denial of service vulnerability. The issue exists in the Interactive Syslog Server specifically. This occurs when the program receives multiple excessive syslog...
Passlog Daemon 0.1 SL_Parse Remote Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/7261/info It has been reported that passlogd does not properly handle some types of input. Because of this, an attacker may be able to gain unauthorized access to hosts running the vulnerable software. / Title: Remote...
Conectiva 4.x/5.x,Debian 2.x,RedHat 6.x,S.u.S.E 6.x/7.0,Trustix 1.x rpc.statd Remote Format String (3)
No description provided by source. source: http://www.securityfocus.com/bid/1480/info A vulnerability exists in the 'rpc.statd' program, which is part of the 'nfs-utils' package that is shipped with a number of popular Linux distributions. Because of a format-string vulnerability when calling the...
TANne 0.6.17 Session Manager SysLog Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6553/info TANne is a freely available, open source session management package. It is available for Unix and Linux operating systems. Due to programming error, it may be possible to exploit a format string vulnerability. A...
William Deich Super 3.x SysLog Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5367/info super is prone to a format string vulnerability. This problem is due to incorrect use of the syslog function to log error messages. It is possible to corrupt memory by passing format strings through the vulnerab...
Conectiva 4.x/5.x,Debian 2.x,RedHat 6.x,S.u.S.E 6.x/7.0,Trustix 1.x rpc.statd Remote Format String (1)
No description provided by source. source: http://www.securityfocus.com/bid/1480/info A vulnerability exists in the 'rpc.statd' program, which is part of the 'nfs-utils' package that is shipped with a number of popular Linux distributions. Because of a format-string vulnerability when calling the...
zkfingerd SysLog 0.9.1 Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6402/info zkfingerd is prone to a format string vulnerability. This problem is due to incorrect use of the 'syslog' function to log error messages. It is possible to corrupt memory by passing format strings through the...
ngIRCd <= 0.8.2 - Remote Format String Exploit
No description provided by source. / ngircdfsexp.c ngIRCd = 0.8.2 remote format string exploit Note: To obtain a successful exploitation, we need that ngIRCd has been compiled with IDENT, logging to SYSLOG and DEBUG enabled. Original Reference: http://www.nosystem.com.ar/advisories/advisory-11.tx...
Enterasys NetSight nssyslogd.exe Buffer Overflow
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
Mikrotik Syslog Server for Windows 1.15 - Denial of Service
No description provided by source. Exploit Title: Mikrotik Syslog Server for Windows - remote BOF DOS Date: 19.04.2013 Exploit Author: xisone@STM Solutions Vendor Homepage: www.mikrotik.com Software Link: http://www.mikrotik.com/download/MTSyslog.exe Version: 1.15 most recent version 19.04.2013...
Debian Linux 2.0 Super Syslog Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/342/info After the first super buffer overflow vulnerability was discovered, another appeared shortly after. This vulnerability exists when the syslog option is enabled. The overflow is in the file error.c, in the Error...
Slurp 1.10 SysLog Remote Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4935/info slurp is a freely available, open source NNTP client. It is designed for use on most Unix and Linux operating systems. It may be possible for a remote server to execute code on a vulnerable client. slurp offers...
Syslog Watcher Pro 2.8.0.812 - (Date Parameter) - Cross Site Scripting Vulnerability
No description provided by source. Title: Syslog Watcher Pro 'Date' Parameter Cross Site Scripting Vulnerability Software : Syslog Watcher Pro Software Version : v2.8.0.812Jun 15, 2009 Vendor: http://www.snmpsoft.com/ Vulnerability Published : 2013-04-27 Vulnerability Update Time : Status : Impac...
Critical: Red Hat Security Advisory: rubygem-openshift-origin-node security update
An updated rubygem-openshift-origin-node package that fixes one security issue and several bugs is now available for Red Hat OpenShift Enterprise 2.1.1. The Red Hat Security Response Team has rated this update as having Critical security impact. A Common Vulnerability Scoring System CVSS base...
YASAT - Yet Another Stupid Audit Tool
YASAT Yet Another Stupid Audit Tool is a simple stupid audit tool. Its goal is to be as simple as possible with minimum binary dependencies only sed, grep and cut Second goal is to document each test with maximum information and links to official documentation. It do many tests for checking...