Format String Vulnerability in GNU GNATS Affects Remote Execution
CVE-2004-0623

Currently unrated

Key Information:

Vendor: Gnu
Status: Gnats
Vendor: CVE Published:; 6 December 2004

What is CVE-2004-0623?

A format string vulnerability exists in the misc.c file of GNU GNATS version 4.00. This flaw permits attackers to craft specific format string specifiers that, when logged by the system's syslog, can lead to the execution of arbitrary code. Exploiting this vulnerability can compromise server integrity, enabling unauthorized access and control over affected systems.

References

http://marc.info/?l=bugtraq&m=108820000823191&w=2

mailing-listx_refsource_BUGTRAQ

https://exchange.xforce.ibmcloud.com/vulnerabilities/16517

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/10609

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 6, 2004
Vulnerability Reserved
Jun 29, 2004

Gnu

What is CVE-2004-0623?

References

Timeline