Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0451

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2004-0451
Last Modified 07 Mar 2011 09:15:52
Published 06 Dec 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0451

Summary

Multiple format string vulnerabilities in the (1) logquit, (2) logerr, or (3) loginfo functions in Software Upgrade Protocol (SUP) allows remote attackers to execute arbitrary code via format string specifiers in messages that are logged by syslog.

Vulnerable Systems

Operating System

  • Debian Linux 3.0

Application

  • Sup 1.8


References

XF - sup-format-string(16459)

BID - 10571

DEBIAN - DSA-521

SECTRACK - 1010539


Last Updated: 27 May 2016 10:38:36