Vulnerability Description
Format string vulnerability in the ErrorLog function in cnf.c in Greylisting daemon (GLD) 1.3 and 1.4 allows remote attackers to execute arbitrary code via format string specifiers in data that is passed directly to syslog.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Salim Gasmi | Gld | 1.3 |
References
- http://marc.info/?l=bugtraq&m=111339935903880&w=2
- http://secunia.com/advisories/14941Patch
- http://security.gentoo.org/glsa/glsa-200504-10.xmlPatch
- http://securitytracker.com/alerts/2005/Apr/1013678.html
- http://www.osvdb.org/15493
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20067
- http://marc.info/?l=bugtraq&m=111339935903880&w=2
- http://secunia.com/advisories/14941Patch
- http://security.gentoo.org/glsa/glsa-200504-10.xmlPatch
- http://securitytracker.com/alerts/2005/Apr/1013678.html
- http://www.osvdb.org/15493
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20067
FAQ
What is CVE-2005-1100?
CVE-2005-1100 is a vulnerability with a CVSS score of 7.5 (HIGH). Format string vulnerability in the ErrorLog function in cnf.c in Greylisting daemon (GLD) 1.3 and 1.4 allows remote attackers to execute arbitrary code via format string specifiers in data that is pas...
How severe is CVE-2005-1100?
CVE-2005-1100 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-1100?
Check the references section above for vendor advisories and patch information. Affected products include: Salim Gasmi Gld.