CVE-2006-0743

Опубликовано: 09 мар. 2006

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Format string vulnerability in LocalSyslogAppender in Apache log4net 1.2.9 might allow remote attackers to cause a denial of service (memory corruption and termination) via unknown vectors.

Ссылки

http://issues.apache.org/jira/browse/LOG4NET-67
Patch
Vendor Advisory
http://secunia.com/advisories/19241
Patch
Vendor Advisory
http://secunia.com/advisories/22932
Vendor Advisory
http://www.novell.com/linux/security/advisories/2006_26_sr.html
http://www.osvdb.org/23905
http://www.securityfocus.com/bid/17095
http://www.vupen.com/english/advisories/2006/0955
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/25196
http://issues.apache.org/jira/browse/LOG4NET-67
Patch
Vendor Advisory
http://secunia.com/advisories/19241
Patch
Vendor Advisory
http://secunia.com/advisories/22932
Vendor Advisory
http://www.novell.com/linux/security/advisories/2006_26_sr.html
http://www.osvdb.org/23905
http://www.securityfocus.com/bid/17095
http://www.vupen.com/english/advisories/2006/0955
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/25196

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:apache:log4net:1.2.9_beta:*:*:*:*:*:*:*

EPSS

Процентиль: 89%

0.04579

Низкий

5 Medium

CVSS2

Дефекты

CWE-134

Связанные уязвимости

GHSA-f9fr-w54q-772h

github

почти 4 года назад

Apache log4net format string vulnerability causes DoS