CVE-2003-1236 Information

Description

Multiple format string vulnerabilities in the logger function in netzio.c for Tanne 0.6.17 allows remote attackers to execute arbitrary code via format string specifiers in syslog.

Reference

http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0011.html http://secunia.com/advisories/7831 http://tanne.fluxnetz.de/download/tanne-0.7.1.tar.bz2 http://www.iss.net/security_center/static/11006.php http://www.securityfocus.com/archive/1/305460 http://www.securityfocus.com/archive/1/305663 http://www.securityfocus.com/bid/6553 http://www.securitytracker.com/id?1005900