Trustix: >> Secure Linux >> 1.0 Security Vulnerabilities
Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands.
CVSS Score
10.0
EPSS Score
0.835
Published
2000-12-19
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
CVSS Score
10.0
EPSS Score
0.009
Published
2000-11-14
rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.
CVSS Score
10.0
EPSS Score
0.346
Published
2000-07-16