ID CVE-2003-1236
Summary Multiple format string vulnerabilities in the logger function in netzio.c for Tanne 0.6.17 allows remote attackers to execute arbitrary code via format string specifiers in syslog.
References
Vulnerable Configurations
  • cpe:2.3:a:tanne:tanne:0.6.17:*:*:*:*:*:*:*
    cpe:2.3:a:tanne:tanne:0.6.17:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 05-09-2008 - 20:36)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 6553
bugtraq
  • 20030107 [INetCop Security Advisory] Remote format string vulnerability in Tanne.
  • 20030108 Tanne Remote format string exploit (Proof of Concept)
confirm http://tanne.fluxnetz.de/download/tanne-0.7.1.tar.bz2
sectrack 1005900
secunia 7831
vulnwatch 20030107 [INetCop Security Advisory] Remote format string vulnerability in Tanne.
xf tanne-logger-format-string(11006)
Last major update 05-09-2008 - 20:36
Published 31-12-2003 - 05:00
Last modified 05-09-2008 - 20:36
Back to Top