Format string vulnerability in the logmsg function in svc.c for Pound 1.5 and earlier allows remote attackers to execute arbitrary code via format string specifiers in syslog messages.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Pound | Apsis | 1.0 (including) | 1.0 (including) |
Pound | Apsis | 1.1 (including) | 1.1 (including) |
Pound | Apsis | 1.2 (including) | 1.2 (including) |
Pound | Apsis | 1.3 (including) | 1.3 (including) |
Pound | Apsis | 1.4 (including) | 1.4 (including) |
Pound | Apsis | 1.5 (including) | 1.5 (including) |