CVE-2004-0623

Description

Format string vulnerability in misc.c in GNU GNATS 4.00 may allow remote attackers to execute arbitrary code via format string specifiers in a string that gets logged by syslog.

Affected products

• gnu / gnats3.0_02 – 3.0_02
• gnu / gnats3.2 – 3.2
• gnu / gnats3.14b – 3.14b
• gnu / gnats3.113 – 3.113
• gnu / gnats3.113.1 – 3.113.1
• gnu / gnats3.113.1.6 – 3.113.1.6
• gnu / gnats4.0 – 4.0

References

• MAILING_LISThttp://marc.info/?l=bugtraq&m=108820000823191&w=2
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/16517
• MISChttp://www.securityfocus.com/bid/10609