Описание
Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters.
Ссылки
- Vendor Advisory
- PatchVendor Advisory
- Vendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:5.2:*:alpha:*:*:*:*:*
cpe:2.3:o:redhat:linux:5.2:*:i386:*:*:*:*:*
cpe:2.3:o:redhat:linux:5.2:*:sparc:*:*:*:*:*
EPSS
Процентиль: 82%
0.01633
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters.
EPSS
Процентиль: 82%
0.01633
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other