PT-2008-2799 · Linux · Linux Kiss Server
Vashnukad · Published 2008-03-08 · Updated 2024-02-14 · CVE-2008-1206

CVSS v2.0: 6.8 (Medium)
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
Linux Kiss Server version 1.2
Description
The issue is related to a format string vulnerability in the log message function. This vulnerability can be exploited by remote attackers when the Linux Kiss Server is not running in background (daemon) mode. Attackers can cause a denial of service or potentially execute arbitrary code by including format string specifiers in an invalid command.
Recommendations
For Linux Kiss Server version 1.2, consider disabling the log message function in lks.c or restricting access to it until a patch is available. As a temporary workaround, enable background (daemon) mode to minimize the risk of exploitation.
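The bug class described above and its fix, as an added example that is not taken from lks.c or from the Linux Kiss Server project. It models a log routine whose foreground path passes the message as the format string, next to a hardened form and a small check that flags commands carrying conversion specifiers. All function names, the stream arguments and the sample command are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
/* Hypothetical model of a server log routine, NOT the code from lks.c.
 * Assumption: foreground mode logs to the console, daemon mode to a file. */
#ifdef SHOW_VULNERABLE
/* Vulnerable pattern (CWE-134): in foreground mode the message, which embeds
 * the client's invalid command, is used as the format string itself. */
static int log_message_vuln(FILE *console, FILE *logfile, int daemon_mode, const char *msg)
{
    if (!daemon_mode)
        return fprintf(console, msg);
    return fprintf(logfile, "%s\n", msg);
}
#endif

/* Hardened: the format is a constant, msg is only ever an argument. */
static int format_log_line(char *out, size_t n, const char *msg)
{
    return snprintf(out, n, "%s\n", msg);
}

/* Same formatting on both paths, so behaviour no longer depends on the mode. */
static int log_message_safe(FILE *console, FILE *logfile, int daemon_mode, const char *msg)
{
    char line[512];  /* longer messages are truncated */
    format_log_line(line, sizeof(line), msg);
    return fputs(line, daemon_mode ? logfile : console);
}

/* Count printf-style conversions in a command so that it can be flagged. */
static int count_format_specifiers(const char *s)
{
    int count = 0;
    while ((s = strchr(s, '%')) != NULL) {
        s++;
        if (*s == '%') { s++; continue; }           /* "%%" is a literal percent */
        s += strspn(s, "-+ #0123456789.*$hlLjzt");  /* flags, width, length */
        if (*s != '\0' && strchr("diouxXeEfgGaAcspn", *s) != NULL)
            count++;
    }
    return count;
}

int main(void)
{
    const char *cmd = "Unknown command: %x%x%s%n";  /* constructed sample */
    log_message_safe(stdout, stderr, 0, cmd);        /* printed verbatim */
    return count_format_specifiers(cmd) == 4 ? 0 : 1;
}
```

Building with `-Wformat -Wformat-security` makes GCC and Clang warn on the non-literal format in the `SHOW_VULNERABLE` variant.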
Weakness Enumeration
Use of Externally-Controlled Format String
Affected Products
Linux Kiss Server