CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2005-1100

HIGH
7.5
CVSS Severity Score
EPSS Score0.0980%
EPSS Percentile4.07th
Published2005年5月2日
Last Modified2026年4月16日

Vulnerability Description

Format string vulnerability in the ErrorLog function in cnf.c in Greylisting daemon (GLD) 1.3 and 1.4 allows remote attackers to execute arbitrary code via format string specifiers in data that is passed directly to syslog.

Affected Platforms (CPE)

📦
Salim Gasmi

Gld

= 1.3
📦
Salim Gasmi

Gld

= 1.4

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=111339935903880&w=2
🔗 http://secunia.com/advisories/14941
🔗 http://security.gentoo.org/glsa/glsa-200504-10.xml
🔗 http://securitytracker.com/alerts/2005/Apr/1013678.html
🔗 http://www.osvdb.org/15493
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/20067
🔗 http://marc.info/?l=bugtraq&m=111339935903880&w=2
🔗 http://secunia.com/advisories/14941

相關漏洞威脅

CVE-2005-109910.0

Multiple buffer overflows in the HandleChild function in server.c in Greylisting daemon (GLD) 1.3 and 1.4, when GLD is listening o...

CVE-2005-266810.0

Multiple buffer overflows in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before...

CVE-2005-266910.0

Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allows remote at...

CVE-2005-129910.0

The inserter.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument.