10

CVE-2004-0450

Format string vulnerability in the printlog function in log2mail before 0.2.5.2 allows local users or remote attackers to execute arbitrary code via format string specifiers in a logfile monitored by log2mail.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Log2mailLog2mail Version0.2.2.2
Log2mailLog2mail Version0.2.5.0
Log2mailLog2mail Version0.2.5.1
Log2mailLog2mail Version0.2.5.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.74% 0.907
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://felinemenace.org/~jaguar/advisories/log2mail.txt
http://osvdb.org/6711
http://secunia.com/advisories/11768
http://secunia.com/advisories/11769
http://www.debian.org/security/2004/dsa-513
Patch
Vendor Advisory
http://www.securityfocus.com/bid/10460
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/16311