Lucene search

[email protected]CVE-2004-1192

HistoryJan 10, 2005 - 5:00 a.m.

CVE-2004-1192

2005-01-1005:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2004-1192

citadel/ux

format string vulnerability

remote code execution

nvd

7.9 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.084 Low

EPSS

Percentile

94.3%

JSON

Format string vulnerability in the lprintf function in Citadel/UX 6.27 and earlier allows remote attackers to execute arbitrary code via format string specifiers sent to the server.

CPENameOperatorVersion
citadel:uxcitadel uxeq6.26
citadel:uxcitadel uxeq6.08
citadel:uxcitadel uxeq6.24
citadel:uxcitadel uxeq6.23
citadel:uxcitadel uxeq6.27
citadel:uxcitadel uxeq6.07

CPE	Name	Operator	Version
citadel:ux	citadel ux	eq	6.26
citadel:ux	citadel ux	eq	6.08
citadel:ux	citadel ux	eq	6.24
citadel:ux	citadel ux	eq	6.23
citadel:ux	citadel ux	eq	6.27
citadel:ux	citadel ux	eq	6.07

References

marc.info/?l=bugtraq&m=110295469430696&w=2

marc.info/?l=bugtraq&m=110304986223400&w=2

www.nosystem.com.ar/advisories/advisory-09.txt

exchange.xforce.ibmcloud.com/vulnerabilities/18429

7.9 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.084 Low

EPSS

Percentile

94.3%

JSON

Related for CVE-2004-1192

nessus1