CVE-2005-1246

Sažetak

Format string vulnerability in the snmppd_log function in snmppd_util.c for snmppd 0.4.5 and earlier may allow remote attackers to cause a denial of service or execute arbitrary code via format string specifiers that are not properly handled in a syslog call.

Reference

http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0022.html
http://secunia.com/advisories/15120
http://x82.inetcop.org/h0me/adv1sor1es/INCSA.2005-0x82-027-SNMPPD.txt

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

05-09-2008 - 20:48

Objavljeno

24-04-2005 - 04:00