Format string vulnerability in Network Solutions Rwhoisd 1.5.7.2 and earlier, when using syslog, allows remote attackers to corrupt memory and possibly execute arbitrary code via a rwhois request that contains format specifiers.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Rwhoisd | Network_solutions | 1.5 | 1.5 |
Rwhoisd | Network_solutions | 1.5.1a | 1.5.1a |
Rwhoisd | Network_solutions | 1.5.2 | 1.5.2 |
Rwhoisd | Network_solutions | 1.5.3 | 1.5.3 |
Rwhoisd | Network_solutions | 1.5.5 | 1.5.5 |
Rwhoisd | Network_solutions | 1.5.6 | 1.5.6 |
Rwhoisd | Network_solutions | 1.5.7 | 1.5.7 |
Rwhoisd | Network_solutions | 1.5.7.1 | 1.5.7.1 |
Rwhoisd | Network_solutions | 1.5.7.2 | 1.5.7.2 |