CVE-2004-2571
Gravedad CVSS v2.0:
ALTA
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
31/12/2004
Última modificación:
03/04/2025
Descripción
*** Pendiente de traducción *** Multiple buffer overflows in EnderUNIX isoqlog 2.1.1 allow remote attackers to execute arbitrary code via the (1) parseQmailFromBytesLine, (2) parseQmailToRemoteLine, (3) parseQmailToLocalLine, (4) parseSendmailFromBytesLine, (5) parseSendmailToLine, (6) parseEximFromBytesLine, and (7) parseEximToLine functions in Parser.c; allow local users to execute arbitrary code via the (8) lowercase and (9) check_syslog_date functions in Parser.c, and (10) unspecified functions in Dir.c; and allow unspecified attackers to execute arbitrary code via the (11) loadconfig and (12) removespaces functions in loadconfig.c, the (13) loadLang function in LangCfg.c, and (14) unspecified functions in Html.c.
Impacto
Puntuación base 2.0
7.50
Gravedad 2.0
ALTA
Productos y versiones vulnerables
| CPE | Desde | Hasta |
|---|---|---|
| cpe:2.3:a:enderunix:isoqlog:2.1.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:enderunix:isoqlog:2.2_beta:*:*:*:*:*:*:* |
Para consultar la lista completa de nombres de CPE con productos y versiones, ver esta página
Referencias a soluciones, herramientas e información
- http://archives.neohapsis.com/archives/bugtraq/2004-05/0298.html
- http://secunia.com/advisories/11741/
- http://securitytracker.com/id?1010292=
- http://www.securityfocus.com/bid/10433
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16308
- http://archives.neohapsis.com/archives/bugtraq/2004-05/0298.html
- http://secunia.com/advisories/11741/
- http://securitytracker.com/id?1010292=
- http://www.securityfocus.com/bid/10433
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16308