Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0980

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2004-0980
Last Modified 10 Sep 2008 03:28:26
Published 09 Feb 2005 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0980

Summary

Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code.

Vulnerable Systems

Operating System

  • Debian Linux 3.0

  • Gentoo Linux

Application

  • Angus Mackay Ez-ipupdate 3.0.11b5

  • Angus Mackay Ez-ipupdate 3.0.11b8


References

BID - 11657

GENTOO - GLSA-200411-20

XF - eziupdate-showmessage-format-string(18032)

DEBIAN - DSA-592

SECUNIA - 13167

FULLDISC - 20041111 ez-ipupdate format string bug

MANDRAKE - MDKSA-2004:129


Last Updated: 27 May 2016 10:38:50