CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2003-1236

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0930%
EPSS Percentile8.57th
Published2003年12月31日
Last Modified2026年4月16日

Vulnerability Description

Multiple format string vulnerabilities in the logger function in netzio.c for Tanne 0.6.17 allows remote attackers to execute arbitrary code via format string specifiers in syslog.

Affected Platforms (CPE)

📦
Tanne

Tanne

= 0.6.17

References & Advisories

🔗 http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0011.html
🔗 http://secunia.com/advisories/7831
🔗 http://tanne.fluxnetz.de/download/tanne-0.7.1.tar.bz2
🔗 http://www.iss.net/security_center/static/11006.php
🔗 http://www.securityfocus.com/archive/1/305460
🔗 http://www.securityfocus.com/archive/1/305663
🔗 http://www.securityfocus.com/bid/6553
🔗 http://www.securitytracker.com/id?1005900

相關漏洞威脅

CVE-2003-109010.0

Buffer overflow in AbsoluteTelnet before 2.12 RC10 allows remote attackers to execute arbitrary code via a long window title.

CVE-2003-016110.0

The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions ...

CVE-2003-071510.0

Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers...

CVE-2003-004110.0

Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by ...