CyberSec.Space Logo
Back to CVE Browser

CVE-2005-1100

HIGH
7.5
CVSS Severity Score
EPSS Score0.0980%
EPSS Percentile4.07th
PublishedMay 2, 2005
Last ModifiedApr 16, 2026

Vulnerability Description

Format string vulnerability in the ErrorLog function in cnf.c in Greylisting daemon (GLD) 1.3 and 1.4 allows remote attackers to execute arbitrary code via format string specifiers in data that is passed directly to syslog.

Affected Platforms (CPE)

πŸ“¦
Salim Gasmi

Gld

= 1.3
πŸ“¦
Salim Gasmi

Gld

= 1.4

References & Advisories

πŸ”— http://marc.info/?l=bugtraq&m=111339935903880&w=2
πŸ”— http://secunia.com/advisories/14941
πŸ”— http://security.gentoo.org/glsa/glsa-200504-10.xml
πŸ”— http://securitytracker.com/alerts/2005/Apr/1013678.html
πŸ”— http://www.osvdb.org/15493
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/20067
πŸ”— http://marc.info/?l=bugtraq&m=111339935903880&w=2
πŸ”— http://secunia.com/advisories/14941

Related Vulnerabilities

CVE-2005-109910.0

Multiple buffer overflows in the HandleChild function in server.c in Greylisting daemon (GLD) 1.3 and 1.4, when GLD is listening o...

CVE-2005-266810.0

Multiple buffer overflows in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before...

CVE-2005-129910.0

The inserter.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument.

CVE-2005-063510.0

Buffer overflow in Foxmail Server 2.0 allows remote attackers to execute arbitrary code via a long USER command.