Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0920

Overview

Vulnerability Score 6.2 6.2
CVE Id CVE-2001-0920
Last Modified 05 Sep 2008 04:25:14
Published 26 Nov 2001 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2001-0920

Summary

Format string vulnerability in auto nice daemon (AND) 1.0.4 and earlier allows a local user to possibly execute arbitrary code via a process name containing a format string.

Vulnerable Systems

Application

  • Patrick Schemitz Autonice Daemon 1.0.0

  • Patrick Schemitz Autonice Daemon 1.0.1

  • Patrick Schemitz Autonice Daemon 1.0.2

  • Patrick Schemitz Autonice Daemon 1.0.3

  • Patrick Schemitz Autonice Daemon 1.0.4


References

XF - and-format-string(7606)

BID - 3580

BUGTRAQ - 20011126 [CERT-intexxia] Auto Nice Daemon Format String Vulnerability

CONFIRM - http://and.sourceforge.net/


Last Updated: 27 May 2016 10:36:26