Format String Vulnerability in Linux Kiss Server by Linux.
CVE-2008-1206

Currently unrated

Key Information:

Vendor: Linux Kiss Server
Status: Linux Kiss Server
Vendor: CVE Published:; 8 March 2008

🔔 Create Linux Kiss Server Vulnerability Alert

What is CVE-2008-1206?

A format string vulnerability exists in the log_message function within lks.c of Linux Kiss Server 1.2. This issue arises when the server operates in a non-background (daemon) mode, allowing remote attackers to exploit format string specifiers in malformed commands. This exploitation can lead to a denial of service condition or could potentially allow attackers to execute arbitrary code, significantly compromising system security.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/41018

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/28099

vdb-entryx_refsource_BID

http://www.vashnukad.com/

x_refsource_MISC

EPSS Score

5% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 8, 2008
Vulnerability Reserved
Mar 7, 2008