Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1246

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2005-1246
Last Modified 05 Sep 2008 04:48:38
Published 24 Apr 2005 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-1246

Summary

Format string vulnerability in the snmppd_log function in snmppd_util.c for snmppd 0.4.5 and earlier may allow remote attackers to cause a denial of service or execute arbitrary code via format string specifiers that are not properly handled in a syslog call.

Vulnerable Systems

Application

  • Vladislav Bogdanov Snmppd 0.4

  • Vladislav Bogdanov Snmppd 0.4.1

  • Vladislav Bogdanov Snmppd 0.4.2

  • Vladislav Bogdanov Snmppd 0.4.3

  • Vladislav Bogdanov Snmppd 0.4.3 Special

  • Vladislav Bogdanov Snmppd 0.4.4

  • Vladislav Bogdanov Snmppd 0.4.5


References

MISC - http://x82.inetcop.org/h0me/adv1sor1es/INCSA.2005-0x82-027-SNMPPD.txt

VULNWATCH - 20050425 [INetCop Security Advisory] Snmppd potentially format string vulnerability.

SECUNIA - 15120


Last Updated: 27 May 2016 10:40:05