exploits , vulnerabilities , articles , Rob Brown Net-Server Perl Module Logging Function Format String Vulnerability

Title	Rob Brown Net-Server Perl Module Logging Function Format String Vulnerability
Published	2005-04-15-12:00AM
Updated	2005-07-13-03:10PM
Class	Input Validation Error
CVE	CAN-2005-1127
Remote	Yes
Local	Yes
Credit	Discovery of the issue in Postgrey is credited to Stefan Schmidt. "Dr. Peter Bieringer" <pbieringer@aerasec.de> discovered the issue in Net-Server along with assistance from David Schweikert and Stefan Schmidt.
Vulnerable	S.u.S.E. Linux Personal 9.3 S.u.S.E. Linux Personal 9.2 x86_64 S.u.S.E. Linux Personal 9.2 S.u.S.E. Linux Personal 9.1 x86_64 S.u.S.E. Linux Personal 9.1 S.u.S.E. Linux Personal 9.0 x86_64 S.u.S.E. Linux Personal 9.0 S.u.S.E. Linux Personal 8.2 S.u.S.E. Linux 8.1 S.u.S.E. Linux 8.0 i386 S.u.S.E. Linux 8.0 S.u.S.E. Linux 7.3 sparc S.u.S.E. Linux 7.3 ppc S.u.S.E. Linux 7.3 i386 S.u.S.E. Linux 7.3 S.u.S.E. Linux 7.2 i386 S.u.S.E. Linux 7.2 S.u.S.E. Linux 7.1 x86 S.u.S.E. Linux 7.1 sparc S.u.S.E. Linux 7.1 ppc S.u.S.E. Linux 7.1 alpha S.u.S.E. Linux 7.1 S.u.S.E. Linux 7.0 sparc S.u.S.E. Linux 7.0 ppc S.u.S.E. Linux 7.0 i386 S.u.S.E. Linux 7.0 alpha S.u.S.E. Linux 7.0 S.u.S.E. Linux 6.4 ppc S.u.S.E. Linux 6.4 i386 S.u.S.E. Linux 6.4 alpha S.u.S.E. Linux 6.4 S.u.S.E. Linux 6.3 ppc S.u.S.E. Linux 6.3 alpha S.u.S.E. Linux 6.3 S.u.S.E. Linux 6.2 S.u.S.E. Linux 6.1 alpha S.u.S.E. Linux 6.1 S.u.S.E. Linux 6.0 S.u.S.E. Linux 5.3 S.u.S.E. Linux 5.2 S.u.S.E. Linux 5.1 S.u.S.E. Linux 5.0 S.u.S.E. Linux 4.4.1 S.u.S.E. Linux 4.4 S.u.S.E. Linux 4.3 S.u.S.E. Linux 4.2 S.u.S.E. Linux 4.0 S.u.S.E. Linux 3.0 S.u.S.E. Linux 2.0 S.u.S.E. Linux 1.0 Rob Brown NetServer 0.87 Rob Brown NetServer 0.86 Rob Brown NetServer 0.85 Rob Brown NetServer 0.84 Postgrey Postgrey 1.18 Rob Brown NetServer 0.87 Postgrey Postgrey 1.17 Rob Brown NetServer 0.87 Postgrey Postgrey 1.16 Rob Brown NetServer 0.87
Not Vulnerable
Code	Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: content@securitydot.net <mailto:content@securitydot.net>.
TXT

Vulnerabilities - newest 10 RSS | More

2008-12-01 SystemImager Flamethrower Insecure Temporary File Creation Vulnerabilities
2008-12-01 Rumpus FTP Server Command Argument Remote Buffer Overflow Vulnerability
2008-12-01 Rumpus FTP Server HTTP Command Remote Denial of Service Vulnerability
2008-11-29 Multiple ActiveWebSoftwares Products Login Parameters SQL Injection Vulnerabilities
2008-11-29 Venalsur Booking Centre Multiple Cross-Site Scripting Vulnerabilities
2008-11-28 ReVou Login SQL Injection Vulnerability
2008-11-28 Web Calendar System SQL Injection and Cross Site Scripting Vulnerabilities
2008-11-28 SailPlanner Login SQL Injection Vulnerability
2008-11-28 Livio.net WEB Calendar Cross Site Scripting and Multiple SQL Injection Vulnerabilities
2008-11-28 Subtext Anchor Tags HTML Injection Vulnerability