Format string vulnerability in the log function in SUS 2.0.2, and other versions prior to 2.0.6, allows local users to execute arbitrary code via format string specifiers in a command line argument that is passed directly to syslog.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
peter d. gray sus 2.0.1 |
||
peter d. gray sus 2.0 |