Published: 24/04/2005 Updated: 05/09/2008

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Format string vulnerability in the snmppd_log function in snmppd_util.c for snmppd 0.4.5 and previous versions may allow remote malicious users to cause a denial of service or execute arbitrary code via format string specifiers that are not properly handled in a syslog call.

Vulnerable Product	Search on Vulmon	Subscribe to Product
vladislav bogdanov snmppd 0.4.1
vladislav bogdanov snmppd 0.4.2
vladislav bogdanov snmppd 0.4.3
vladislav bogdanov snmppd 0.4.3_special
vladislav bogdanov snmppd 0.4.5
vladislav bogdanov snmppd 0.4
vladislav bogdanov snmppd 0.4.4

/* * Snmppd SNMP proxy daemon format string exploit * * cybertronic[at]gmx[dot]net * * 04/29/2005 * * buffer space is 1024 bytes ( MAX_SNMPPD_OID_LEN defined in snmppd-045/snmppdh ) * * Apr 29 16:01:31 ctronic snmppd[6274]: fd 5: Request: XAAAA_804a81ebfffb9d40000352064666552203a7365757158203a7441414141 * * This is annoying ...

NVD-CWE-Other http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0022.html http://x82.inetcop.org/h0me/adv1sor1es/INCSA.2005-0x82-027-SNMPPD.txt http://secunia.com/advisories/15120 https://nvd.nist.gov https://www.exploit-db.com/exploits/970/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2005-1246

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect