Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0681

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-0681
Last Modified 07 Mar 2011 09:30:35
Published 14 Feb 2006 07:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0681

Summary

Format string vulnerability in powerd.c in Power Daemon (powerd) 2.0.2 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the WHATIDO variable.

Vulnerable Systems

Application

  • Power Daemon 2.0.0

  • Power Daemon 2.0.0.1

  • Power Daemon 2.0.1

  • Power Daemon 2.0.1.1

  • Power Daemon 2.0.2


References

VUPEN - ADV-2006-0545

SECUNIA - 18841

MISC - http://gotfault.net/research/advisory/gadv-powerd.txt

XF - powerdaemon-syslog-format-string(24713)

BID - 16582


Last Updated: 27 May 2016 10:41:45