7.5
CVE-2004-2026
- EPSS 6.64%
- Veröffentlicht 31.12.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:08:51
- CVE-Watchlists
- Unerledigt
Format string vulnerability in the logmsg function in svc.c for Pound 1.5 and earlier allows remote attackers to execute arbitrary code via format string specifiers in syslog messages.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 6.64% | 0.93 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0343.html
http://secunia.com/advisories/11528
http://security.gentoo.org/glsa/glsa-200405-08.xml
http://securitytracker.com/id?1010034
http://www.apsis.ch/pound/pound_list/archive/2003/2003-12/1070234315000#1070234315000
http://www.osvdb.org/5746
http://www.securityfocus.com/bid/10267
https://exchange.xforce.ibmcloud.com/vulnerabilities/16033