Описание
Format string vulnerability in the log function in SUS 2.0.2, and other versions before 2.0.6, allows local users to execute arbitrary code via format string specifiers in a command line argument that is passed directly to syslog.
Format string vulnerability in the log function in SUS 2.0.2, and other versions before 2.0.6, allows local users to execute arbitrary code via format string specifiers in a command line argument that is passed directly to syslog.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2004-1469
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17361
- http://marc.info/?l=bugtraq&m=109517782910407&w=2
- http://pdg.uow.edu.au/sus/CHANGES
- http://security.lss.hr/index.php?page=details&ID=LSS-2004-09-01
- http://www.gentoo.org/security/en/glsa/glsa-200409-17.xml
- http://www.securityfocus.com/bid/11176
EPSS
CVE ID
Связанные уязвимости
Format string vulnerability in the log function in SUS 2.0.2, and other versions before 2.0.6, allows local users to execute arbitrary code via format string specifiers in a command line argument that is passed directly to syslog.
Уязвимость операционной системы Gentoo Linux, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS