ID CVE-2005-2958
Summary Multiple format string vulnerabilities in the GNOME Data Access library for GNOME2 (libgda2) 1.2.1 and earlier allow attackers to execute arbitrary code.
References
Vulnerable Configurations
  • cpe:2.3:a:gnome:libgda2:1.2.1
    cpe:2.3:a:gnome:libgda2:1.2.1
CVSS
Base: 7.5 (as of 25-10-2005 - 12:37)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2005-203.NASL
    description Steve Kemp discovered two format string vulnerabilities in libgda2, the GNOME Data Access library for GNOME2, which may lead to the execution of arbitrary code in programs that use this library. The updated packages have been patched to correct this issue.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 20438
    published 2006-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20438
    title Mandrake Linux Security Advisory : gda2.0 (MDKSA-2005:203)
  • NASL family SuSE Local Security Checks
    NASL id SUSE9_10554.NASL
    description This update fixes the following security problem: libgda contained two format string bugs in logging routines. Those bugs could potentially indirectly lead to arbitrary code execution via applications that link against libgda and supply data to libgda. (CVE-2005-2958)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 41082
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41082
    title SuSE9 Security Update : libgda (YOU Patch Number 10554)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-212-1.NASL
    description Steve Kemp discovered two format string vulnerabilities in the logging handler of the Gnome database access library. Depending on the application that uses the library, this could have been exploited to execute arbitrary code with the permission of the user running the application. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-08-15
    plugin id 20630
    published 2006-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20630
    title Ubuntu 4.10 / 5.04 / 5.10 : libgda2 vulnerability (USN-212-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2005-1029.NASL
    description - Wed Oct 26 2005 Caolan McNamara 1:1.0.4-3.1 - CVE-2005-2958 libgda format string issue Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 20164
    published 2005-11-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20164
    title Fedora Core 3 : libgda-1.0.4-3.1 (2005-1029)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-871.NASL
    description Steve Kemp discovered two format string vulnerabilities in libgda2, the GNOME Data Access library for GNOME2, which may lead to the execution of arbitrary code in programs that use this library.
    last seen 2019-02-21
    modified 2018-08-09
    plugin id 22737
    published 2006-10-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22737
    title Debian DSA-871-2 : libgda2 - format string
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200511-01.NASL
    description The remote host is affected by the vulnerability described in GLSA-200511-01 (libgda: Format string vulnerabilities) Steve Kemp discovered two format string vulnerabilities in the gda_log_error and gda_log_message functions. Some applications may pass untrusted input to those functions and be vulnerable. Impact : An attacker could pass malicious input to an application making use of the vulnerable libgda functions, potentially resulting in the execution of arbitrary code with the rights of that application. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 20140
    published 2005-11-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20140
    title GLSA-200511-01 : libgda: Format string vulnerabilities
refmap via4
bid 15200
debian DSA-871
fedora FEDORA-2005-1029
gentoo GLSA-200511-01
mandriva MDKSA-2005:203
sectrack 1015107
secunia
  • 17323
  • 17339
  • 17391
  • 17426
  • 17500
  • 17559
suse
  • SUSE-SR:2005:026
  • SUSE-SR:2005:027
ubuntu USN-212-1
Last major update 02-04-2010 - 01:35
Published 25-10-2005 - 12:02
Last modified 03-10-2018 - 17:31
Back to Top