CVE Vulnerabilities

CVE-2004-0354

Published: Nov 23, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Multiple format string vulnerabilities in GNU Anubis 3.6.0 through 3.6.2, 3.9.92 and 3.9.93 allow remote attackers to execute arbitrary code via format string specifiers in strings passed to (1) the info function in log.c, (2) the anubis_error function in errs.c, or (3) the ssl_error function in ssl.c.

Affected Software

Name Vendor Start Version End Version
Anubis Gnu 3.9.92 3.9.92
Anubis Gnu 3.9.93 3.9.93
Anubis Gnu 3.6.0 3.6.0
Anubis Gnu 3.6.1 3.6.1
Anubis Gnu 3.6.2 3.6.2

References