3 matches found
CVE-2005-1125
CVE-2005-1125 describes a race condition in the Libsafe library (versions up to 2.0.16) that can occur in multi-threaded applications. The issue allows an attacker to bypass Libsafe protection and potentially trigger other vulnerabilities before the _libsafe_die function completes. Public details...
CVE-2002-0175
The CVE-2002-0175 issue concerns libsafe 2.0-11 and earlier, where format-string protection can be bypassed by using certain characters ("'" and "I") that are implemented in glibc but not in libsafe. The connected Mandrake advisory (MDKSA-2002:026) states that this bypass arises from how printf w...
CVE-2002-0176
CVE-2002-0176 concerns the printf wrappers in libsafe, affected in versions 2.0-11 and earlier. The vulnerability arises because the wrappers do not properly handle argument indexing specifiers, allowing certain calls to proceed with unverified arguments. Mandrake’s MDKSA-2002:026 notes that form...