CVE-2004-0354

Currently unrated

Key Information:

Vendor: Gnu
Status: Anubis
Vendor: CVE Published:; 23 November 2004

Summary

Multiple format string vulnerabilities in GNU Anubis 3.6.0 through 3.6.2, 3.9.92 and 3.9.93 allow remote attackers to execute arbitrary code via format string specifiers in strings passed to (1) the info function in log.c, (2) the anubis_error function in errs.c, or (3) the ssl_error function in ssl.c.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/15346

vdb-entryx_refsource_XF

http://mail.gnu.org/archive/html/bug-anubis/2004-02/msg00...

mailing-listx_refsource_MLIST

http://marc.info/?l=bugtraq&m=107843915424588&w=2

mailing-listx_refsource_BUGTRAQ

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 23, 2004
Vulnerability Reserved
Mar 17, 2004