Vulnerability Details CVE-2005-1246
Format string vulnerability in the snmppd_log function in snmppd_util.c for snmppd 0.4.5 and earlier may allow remote attackers to cause a denial of service or execute arbitrary code via format string specifiers that are not properly handled in a syslog call.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.151
EPSS Ranking 94.3%
CVSS Severity
CVSS v2 Score 10.0
References
- http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0022.html
- http://secunia.com/advisories/15120
- http://x82.inetcop.org/h0me/adv1sor1es/INCSA.2005-0x82-027-SNMPPD.txt
- http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0022.html
- http://secunia.com/advisories/15120
- http://x82.inetcop.org/h0me/adv1sor1es/INCSA.2005-0x82-027-SNMPPD.txt
Products affected by CVE-2005-1246
-
cpe:2.3:a:vladislav_bogdanov:snmppd:0.4
-
cpe:2.3:a:vladislav_bogdanov:snmppd:0.4.1
-
cpe:2.3:a:vladislav_bogdanov:snmppd:0.4.2
-
cpe:2.3:a:vladislav_bogdanov:snmppd:0.4.3
-
cpe:2.3:a:vladislav_bogdanov:snmppd:0.4.3_special
-
cpe:2.3:a:vladislav_bogdanov:snmppd:0.4.4
-
cpe:2.3:a:vladislav_bogdanov:snmppd:0.4.5