ID CVE-2004-0623
Summary Format string vulnerability in misc.c in GNU GNATS 4.00 may allow remote attackers to execute arbitrary code via format string specifiers in a string that gets logged by syslog.
References
Vulnerable Configurations
  • cpe:2.3:a:gnu:gnats:3.0_02
    cpe:2.3:a:gnu:gnats:3.0_02
  • GNU GNATS 3.113
    cpe:2.3:a:gnu:gnats:3.113
  • GNU GNATS 3.113.1
    cpe:2.3:a:gnu:gnats:3.113.1
  • cpe:2.3:a:gnu:gnats:3.113.1.6
    cpe:2.3:a:gnu:gnats:3.113.1.6
  • cpe:2.3:a:gnu:gnats:3.14b
    cpe:2.3:a:gnu:gnats:3.14b
  • GNU GNATS 3.2
    cpe:2.3:a:gnu:gnats:3.2
  • GNU GNATS 4.0
    cpe:2.3:a:gnu:gnats:4.0
CVSS
Base: 10.0 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-590.NASL
    description Khan Shirani discovered a format string vulnerability in gnats, the GNU problem report management system. This problem may be exploited to execute arbitrary code.
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 15688
    published 2004-11-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15688
    title Debian DSA-590-1 : gnats - format string vulnerability
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_GNATS_40_2.NASL
    description The following package needs to be updated: gnats
    last seen 2016-09-26
    modified 2004-11-23
    plugin id 15802
    published 2004-11-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15802
    title FreeBSD : gnats -- format string vulnerability (59)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_FC99C736349911D998A70090962CFF2A.NASL
    description Gnats suffers from a format string bug, which may enable an attacker to execute arbitary code.
    last seen 2019-02-21
    modified 2018-11-23
    plugin id 36760
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=36760
    title FreeBSD : gnats -- format string vulnerability (fc99c736-3499-11d9-98a7-0090962cff2a)
refmap via4
bid 10609
bugtraq 20040625 format string vulnerability in Gnats
xf gnats-format-string(16517)
Last major update 17-10-2016 - 22:46
Published 06-12-2004 - 00:00
Last modified 10-07-2017 - 21:30
Back to Top