ez-ipupdate -- format string vulnerability

ID E69BA632-326F-11D9-B5B7-000854D03344
Type freebsd
Reporter FreeBSD
Modified 2004-11-11T00:00:00


Data supplied by a remote server is used as the format string instead of as parameters in a syslog() call. This may lead to crashes or potential running of arbitrary code. It is only a problem when running in daemon mode (very common) and when using some service types.