PT-2004-1577 · Unknown · Software Upgrade Protocol

Published

2004-06-30

Updated

2017-07-11

CVE-2004-0451

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Software Upgrade Protocol (SUP) (affected versions not specified)

Description The issue concerns multiple format string vulnerabilities in the logquit, logerr, or loginfo functions. These vulnerabilities allow remote attackers to execute arbitrary code via format string specifiers in messages that are logged by syslog.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-0451

DSA-521

Affected Products

Software Upgrade Protocol

PT-2004-1577 · Unknown · Software Upgrade Protocol

CVE-2004-0451

Related Identifiers

Affected Products

References · 8