Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2004-1097

Опубликовано: 10 янв. 2005
Источник: nvd
CVSS2: 10
EPSS Низкий

Описание

Format string vulnerability in the cherokee_logger_ncsa_write_string function in Cherokee 0.4.17 and earlier, when authenticating via auth_pam, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via format string specifiers in the URL.

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cherokee:cherokee_httpd:0.1:*:*:*:*:*:*:*
cpe:2.3:a:cherokee:cherokee_httpd:0.1.5:*:*:*:*:*:*:*
cpe:2.3:a:cherokee:cherokee_httpd:0.1.6:*:*:*:*:*:*:*
cpe:2.3:a:cherokee:cherokee_httpd:0.2:*:*:*:*:*:*:*
cpe:2.3:a:cherokee:cherokee_httpd:0.2.5:*:*:*:*:*:*:*
cpe:2.3:a:cherokee:cherokee_httpd:0.2.6:*:*:*:*:*:*:*
cpe:2.3:a:cherokee:cherokee_httpd:0.2.7:*:*:*:*:*:*:*
cpe:2.3:a:cherokee:cherokee_httpd:0.4.6:*:*:*:*:*:*:*
cpe:2.3:a:cherokee:cherokee_httpd:0.4.7:*:*:*:*:*:*:*
cpe:2.3:a:cherokee:cherokee_httpd:0.4.8:*:*:*:*:*:*:*
cpe:2.3:a:cherokee:cherokee_httpd:0.4.17:*:*:*:*:*:*:*

EPSS

Процентиль: 88%
0.04101
Низкий

10 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

debian
больше 20 лет назад

Format string vulnerability in the cherokee_logger_ncsa_write_string f ...

github
больше 3 лет назад

Format string vulnerability in the cherokee_logger_ncsa_write_string function in Cherokee 0.4.17 and earlier, when authenticating via auth_pam, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via format string specifiers in the URL.

EPSS

Процентиль: 88%
0.04101
Низкий

10 Critical

CVSS2

Дефекты

NVD-CWE-Other