Multiple format string vulnerabilities in the (1) logquit, (2) logerr, or (3) loginfo functions in Software Upgrade Protocol (SUP) allows remote malicious users to execute arbitrary code via format string specifiers in messages that are logged by syslog.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sup sup 1.8 |
||
debian debian linux 3.0 |