CVE-2003-0074 - Format string vulnerability in mpmain.c for plpnfsd of the plptools package allows remote attackers

CVE-2003-0074

Summary

Format string vulnerability in mpmain.c for plpnfsd of the plptools package allows remote attackers to execute arbitrary code via the functions (1) debuglog, (2) errorlog, and (3) infolog.

References

http://marc.info/?l=bugtraq&m=104385772908969&w=2
http://marc.info/?l=bugtraq&m=104386699725019&w=2
http://www.iss.net/security_center/static/11193.php
http://www.securityfocus.com/bid/6715

Vulnerable Configurations

cpe:2.3:a:plptools:plptools:0.6:*:*:*:*:*:*:*
cpe:2.3:a:plptools:plptools:0.6:*:*:*:*:*:*:*

CVSS

Base:	7.2 (as of 18-10-2016 - 02:29)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	6715
bugtraq	20030129 Local root vuln in SuSE 8.0 plptools package 20030129 Re: Local root vuln in SuSE 8.0 plptools package
xf	plptools-plpnsfd-format-string(11193)

Last major update

18-10-2016 - 02:29

Published

19-02-2003 - 05:00

Last modified

18-10-2016 - 02:29