CyberSec.Space Logo
返回 CVE 浏览器

CVE-2005-1100

HIGH
7.5
CVSS Severity Score
EPSS Score0.0980%
EPSS Percentile4.07th
Published2005年5月2日
Last Modified2026年4月16日

Vulnerability Description

Format string vulnerability in the ErrorLog function in cnf.c in Greylisting daemon (GLD) 1.3 and 1.4 allows remote attackers to execute arbitrary code via format string specifiers in data that is passed directly to syslog.

Affected Platforms (CPE)

📦
Salim Gasmi

Gld

= 1.3
📦
Salim Gasmi

Gld

= 1.4

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=111339935903880&w=2
🔗 http://secunia.com/advisories/14941
🔗 http://security.gentoo.org/glsa/glsa-200504-10.xml
🔗 http://securitytracker.com/alerts/2005/Apr/1013678.html
🔗 http://www.osvdb.org/15493
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/20067
🔗 http://marc.info/?l=bugtraq&m=111339935903880&w=2
🔗 http://secunia.com/advisories/14941

相关漏洞威胁

CVE-2005-109910.0

Multiple buffer overflows in the HandleChild function in server.c in Greylisting daemon (GLD) 1.3 and 1.4, when GLD is listening o...

CVE-2005-266910.0

Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allows remote at...

CVE-2005-266810.0

Multiple buffer overflows in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before...

CVE-2005-129910.0

The inserter.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument.