CVE-2004-2026

Published: May 10, 2005

Modified: Aug 8, 2024

PUBLISHED

Description

Format string vulnerability in the logmsg function in svc.c for Pound 1.5 and earlier allows remote attackers to execute arbitrary code via format string specifiers in syslog messages.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.apsis.ch/pound/pound_list/archive/2003/2003-12/1070234315000#1070234315000

x_refsource_CONFIRM

1010034

vdb-entry

x_refsource_SECTRACK

11528

third-party-advisory

x_refsource_SECUNIA

5746

vdb-entry

x_refsource_OSVDB

20040507 Pound <=1.5 Remote Exploit (Format string bug)

mailing-list

x_refsource_FULLDISC

pound-logmsg-format-string(16033)

vdb-entry

x_refsource_XF

GLSA-200405-08

vendor-advisory

x_refsource_GENTOO

10267

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2004-2026

Description

Affected Products

References