CVE-2004-2571

Name of the Vulnerable Software and Affected Versions EnderUNIX isoqlog version 2.1.1

Description The issue allows remote and local attackers to execute arbitrary code due to multiple buffer overflows in various functions. These functions include parseQmailFromBytesLine, parseQmailToRemoteLine, parseQmailToLocalLine, parseSendmailFromBytesLine, parseSendmailToLine, parseEximFromBytesLine, and parseEximToLine in Parser.c. Local users can also execute arbitrary code via the lowercase and check syslog date functions in Parser.c, and unspecified functions in Dir.c. Additionally, unspecified attackers can execute arbitrary code via the loadconfig and removespaces functions in loadconfig.c, the loadLang function in LangCfg.c, and unspecified functions in Html.c.

Recommendations For EnderUNIX isoqlog version 2.1.1, consider disabling the affected functions, including parseQmailFromBytesLine, parseQmailToRemoteLine, parseQmailToLocalLine, parseSendmailFromBytesLine, parseSendmailToLine, parseEximFromBytesLine, parseEximToLine, lowercase, check syslog date, loadconfig, removespaces, and loadLang, until a patch is available. Restrict access to the vulnerable modules, such as Parser.c, Dir.c, loadconfig.c, LangCfg.c, and Html.c, to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.