Lucene search

MitreCVE-2004-1469

HistoryFeb 13, 2005 - 5:00 a.m.

CVE-2004-1469

2005-02-1305:00:00

mitre

web.nvd.nist.gov

cve

2004

1469

format string vulnerability

sus 2.0.2

security

nvd

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.2

Confidence

High

EPSS

0.001

Percentile

32.1%

JSON

Format string vulnerability in the log function in SUS 2.0.2, and other versions before 2.0.6, allows local users to execute arbitrary code via format string specifiers in a command line argument that is passed directly to syslog.

Affected configurations

Nvd

Node

peter_d._graysusMatch2.0

peter_d._graysusMatch2.0.1

VendorProductVersionCPE
peter_d._graysus2.0cpe:2.3:a:peter_d._gray:sus:2.0:*:*:*:*:*:*:*
peter_d._graysus2.0.1cpe:2.3:a:peter_d._gray:sus:2.0.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
peter_d._gray	sus	2.0	cpe:2.3:a:peter_d._gray:sus:2.0:::::::*
peter_d._gray	sus	2.0.1	cpe:2.3:a:peter_d._gray:sus:2.0.1:::::::*

References

marc.info/?l=bugtraq&m=109517782910407&w=2

pdg.uow.edu.au/sus/CHANGES

security.lss.hr/index.php?page=details&ID=LSS-2004-09-01

www.gentoo.org/security/en/glsa/glsa-200409-17.xml

www.securityfocus.com/bid/11176

exchange.xforce.ibmcloud.com/vulnerabilities/17361

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.2

Confidence

High

EPSS

0.001

Percentile

32.1%

JSON

Related for CVE-2004-1469