Lucene search

[email protected]CVE-2005-2409

HistoryAug 01, 2005 - 4:00 a.m.

CVE-2005-2409

2005-08-0104:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-2409

format string vulnerability

nbsmtp

remote code execution

nvd

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.133 Low

EPSS

Percentile

95.5%

JSON

Format string vulnerability in util.c in nbsmtp 0.99 and earlier, while running in debug mode, allows remote attackers to execute arbitrary code via format string specifiers that are not properly handled in a syslog call.

CPENameOperatorVersion
nbsmtp:nbsmtpnbsmtple0.99

CPE	Name	Operator	Version
nbsmtp:nbsmtp	nbsmtp	le	0.99

References

people.freebsd.org/~niels/issues/nbsmtp-20050726.txt

secunia.com/advisories/16279

secunia.com/advisories/16324

www.securityfocus.com/bid/14441

www.vuxml.org/freebsd/debbb39c-fdb3-11d9-a30d-00b0d09acbfc.html

exchange.xforce.ibmcloud.com/vulnerabilities/21674

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.133 Low

EPSS

Percentile

95.5%

JSON

Related for CVE-2005-2409

nessus1 gentoo1 openvas1