CVE-2004-0451 Information

Description

Multiple format string vulnerabilities in the (1) logquit (2) logerr or (3) loginfo functions in Software Upgrade Protocol (SUP) allows remote attackers to execute arbitrary code via format string specifiers in messages that are logged by syslog.

Reference

http://securitytracker.com/id?1010539 http://www.debian.org/security/2004/dsa-521 http://www.securityfocus.com/bid/10571 https://exchange.xforce.ibmcloud.com/vulnerabilities/16459