Vulnerability Details CVE-2005-2409
Format string vulnerability in util.c in nbsmtp 0.99 and earlier, while running in debug mode, allows remote attackers to execute arbitrary code via format string specifiers that are not properly handled in a syslog call.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.115
EPSS Ranking 93.3%
CVSS Severity
CVSS v2 Score 7.5
References
- http://people.freebsd.org/~niels/issues/nbsmtp-20050726.txt
- http://secunia.com/advisories/16279
- http://secunia.com/advisories/16324
- http://www.securityfocus.com/bid/14441
- http://www.vuxml.org/freebsd/debbb39c-fdb3-11d9-a30d-00b0d09acbfc.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21674
- http://people.freebsd.org/~niels/issues/nbsmtp-20050726.txt
- http://secunia.com/advisories/16279
- http://secunia.com/advisories/16324
- http://www.securityfocus.com/bid/14441
- http://www.vuxml.org/freebsd/debbb39c-fdb3-11d9-a30d-00b0d09acbfc.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21674