CVE-2004-2386 Information

Description

Format string vulnerability in the LogMsg function in sercd before 2.3.1 and sredird 2.2.1 and earlier allows remote attackers to execute arbitrary code via format string specifiers passed from the HandleCPCCommand function.

Reference

http://cvs.lysator.liu.se/viewcvs/viewcvs.cgi/sercd/sercd.c?root=sercd http://secunia.com/advisories/12351 http://securitytracker.com/id?1011038 http://www.osvdb.org/8375 http://www.osvdb.org/9104 http://www.securityfocus.com/bid/11002 http://www.securityfocus.com/bid/11031 https://exchange.xforce.ibmcloud.com/vulnerabilities/17056