Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2004-0451
HistoryDec 06, 2004 - 5:00 a.m.

CVE-2004-0451

2004-12-0605:00:00
[email protected]
web.nvd.nist.gov
23
cve-2004-0451
software upgrade protocol
sup
format string vulnerabilities
remote code execution
syslog

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.013 Low

EPSS

Percentile

86.1%

JSON

Multiple format string vulnerabilities in the (1) logquit, (2) logerr, or (3) loginfo functions in Software Upgrade Protocol (SUP) allows remote attackers to execute arbitrary code via format string specifiers in messages that are logged by syslog.

Affected configurations

NVD
Node
supsupMatch1.8
Node
debiandebian_linuxMatch3.0
OR
debiandebian_linuxMatch3.0alpha
OR
debiandebian_linuxMatch3.0arm
OR
debiandebian_linuxMatch3.0hppa
OR
debiandebian_linuxMatch3.0ia-32
OR
debiandebian_linuxMatch3.0ia-64
OR
debiandebian_linuxMatch3.0m68k
OR
debiandebian_linuxMatch3.0mips
OR
debiandebian_linuxMatch3.0mipsel
OR
debiandebian_linuxMatch3.0ppc
OR
debiandebian_linuxMatch3.0s-390
OR
debiandebian_linuxMatch3.0sparc
CPENameOperatorVersion
sup:supsupeq1.8

Related

openvas 4
osv 1
cvelist 1
nvd 1
debian 1
nessus 2
debiancve 1
freebsd 1
openvas
openvas
Debian Security Advisory DSA 521-1 (sup)
2008-01-17 00:00:00
FreeBSD Ports: sup
2008-09-04 00:00:00
Debian: Security Advisory (DSA-521)
2008-01-17 00:00:00
osv
osv
sup - format string vulnerability
2004-06-18 00:00:00
cvelist
cvelist
CVE-2004-0451
2004-06-30 04:00:00
nvd
nvd
CVE-2004-0451
2004-12-06 05:00:00
debian
debian
[SECURITY] [DSA 521-1] New sup packages fix format string vulnerabilities
2004-06-19 03:48:57
nessus
nessus
FreeBSD : sup -- format string vulnerability (2c5757f4-88bf-11d9-8720-0007e900f87b)
2005-07-13 00:00:00
Debian DSA-521-1 : sup - format string vulnerability
2004-09-29 00:00:00
debiancve
debiancve
CVE-2004-0451
2004-12-06 05:00:00
freebsd
freebsd
sup -- format string vulnerability
2004-06-19 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.013 Low

EPSS

Percentile

86.1%

JSON
Related for CVE-2004-0451
openvas4osv1cvelist1nvd1debian1nessus2debiancve1freebsd1