Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local malicious users to execute arbitrary commands via functions such as gettext and catopen.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
conectiva linux 4.0es |
||
conectiva linux 4.1 |
||
sgi irix 6.5 |
||
sgi irix 6.5.1 |
||
sgi irix 6.5.2m |
||
conectiva linux 4.2 |
||
conectiva linux 5.0 |
||
sgi irix 6.5.3 |
||
sgi irix 6.5.3f |
||
immunix immunix 6.2 |
||
conectiva linux 4.0 |
||
sgi irix 6.3 |
||
sgi irix 6.4 |
||
sgi irix 6.5.6 |
||
sgi irix 6.5.7 |
||
sgi irix 6.5.8 |
||
caldera openlinux ebuilder 3.0 |
||
conectiva linux 5.1 |
||
sgi irix 6.2 |
||
sgi irix 6.5.3m |
||
sgi irix 6.5.4 |
||
caldera openlinux |
||
caldera openlinux eserver 2.3 |
||
ibm aix 3.2.5 |
||
ibm aix 4.0 |
||
ibm aix 4.2.1 |
||
ibm aix 4.3 |
||
redhat linux 5.2 |
||
redhat linux 6.0 |
||
sun sunos 5.2 |
||
sun sunos 5.3 |
||
suse suse linux 6.2 |
||
suse suse linux 6.3 |
||
turbolinux turbolinux 6.0.2 |
||
debian debian linux 2.2 |
||
debian debian linux 2.3 |
||
ibm aix 4.1.2 |
||
ibm aix 4.1.3 |
||
ibm aix 4.1.4 |
||
mandrakesoft mandrake linux 7.0 |
||
mandrakesoft mandrake linux 7.1 |
||
slackware slackware linux 7.0 |
||
slackware slackware linux 7.1 |
||
sun solaris 2.6 |
||
sun sunos 5.7 |
||
trustix secure linux 1.0 |
||
trustix secure linux 1.1 |
||
ibm aix 3.2 |
||
ibm aix 3.2.4 |
||
ibm aix 4.1.5 |
||
ibm aix 4.2 |
||
redhat linux 5.0 |
||
redhat linux 5.1 |
||
sun sunos 5.0 |
||
sun sunos 5.1 |
||
sun sunos 5.8 |
||
suse suse linux 6.1 |
||
turbolinux turbolinux 6.0 |
||
turbolinux turbolinux 6.0.1 |
||
turbolinux turbolinux 6.0.3 |
||
debian debian linux 2.0 |
||
debian debian linux 2.1 |
||
ibm aix 4.1 |
||
ibm aix 4.1.1 |
||
ibm aix 4.3.1 |
||
ibm aix 4.3.2 |
||
redhat linux 6.1 |
||
redhat linux 6.2 |
||
sun sunos 5.4 |
||
sun sunos 5.5 |
||
sun sunos 5.5.1 |
||
suse suse linux 6.4 |
||
suse suse linux 7.0 |
||
turbolinux turbolinux 6.0.4 |
Vulmon