CVE-2005-2409

Sažetak

Format string vulnerability in util.c in nbsmtp 0.99 and earlier, while running in debug mode, allows remote attackers to execute arbitrary code via format string specifiers that are not properly handled in a syslog call.

Reference

http://people.freebsd.org/~niels/issues/nbsmtp-20050726.txt
http://secunia.com/advisories/16279
http://secunia.com/advisories/16324
http://www.securityfocus.com/bid/14441
http://www.vuxml.org/freebsd/debbb39c-fdb3-11d9-a30d-00b0d09acbfc.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/21674

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

11-07-2017 - 01:32

Objavljeno

01-08-2005 - 04:00