CVE-2005-1100 Information

Description

Format string vulnerability in the ErrorLog function in cnf.c in Greylisting daemon (GLD) 1.3 and 1.4 allows remote attackers to execute arbitrary code via format string specifiers in data that is passed directly to syslog.

Reference

http://marc.info/?l=bugtraq&m=111339935903880&w=2 http://secunia.com/advisories/14941 http://security.gentoo.org/glsa/glsa-200504-10.xml http://securitytracker.com/alerts/2005/Apr/1013678.html http://www.osvdb.org/15493 https://exchange.xforce.ibmcloud.com/vulnerabilities/20067