CVE-2004-2026

N/A Unknown

Published: December 31, 2004 Modified: April 16, 2026

Description

Format string vulnerability in the logmsg function in svc.c for Pound 1.5 and earlier allows remote attackers to execute arbitrary code via format string specifiers in syslog messages.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0343.html

Source: cve@mitre.org

Exploit

http://secunia.com/advisories/11528

Source: cve@mitre.org

Patch

http://security.gentoo.org/glsa/glsa-200405-08.xml

Source: cve@mitre.org

Patch

http://securitytracker.com/id?1010034

Source: cve@mitre.org

http://www.apsis.ch/pound/pound_list/archive/2003/2003-12/1070234315000#1070234315000

Source: cve@mitre.org

http://www.osvdb.org/5746

Source: cve@mitre.org

http://www.securityfocus.com/bid/10267

Source: cve@mitre.org

Exploit Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/16033

Source: cve@mitre.org

http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0343.html