Format string vulnerability in the ErrorLog function in cnf.c in Greylisting daemon (GLD) 1.3 and 1.4 allows remote malicious users to execute arbitrary code via format string specifiers in data that is passed directly to syslog.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
salim gasmi gld 1.3 |
||
salim gasmi gld 1.4 |