Format String Vulnerability in GNU GNATS 4.00 Allows Remote Code Execution via syslog Logging

Format String Vulnerability in GNU GNATS 4.00 Allows Remote Code Execution via syslog Logging

CVE-2004-0623 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Format string vulnerability in misc.c in GNU GNATS 4.00 may allow remote attackers to execute arbitrary code via format string specifiers in a string that gets logged by syslog.

Learn more about our Web Application Penetration Testing UK.