Back to search
CVE-2004-1097
Published: Dec 1, 2004
Modified: Aug 8, 2024
PUBLISHED
Description
Format string vulnerability in the cherokee_logger_ncsa_write_string function in Cherokee 0.4.17 and earlier, when authenticating via auth_pam, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via format string specifiers in the URL.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
cherokee-format-string(17934)
vdb-entry
x_refsource_XF
GLSA-200411-02
vendor-advisory
x_refsource_GENTOO
11574
vdb-entry
x_refsource_BID
http://bugs.gentoo.org/show_bug.cgi?id=67667
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now