MidnightBSD

Advisories for drusus

CVE-2011-3626 HIGH

Double free vulnerability in the prepare_exec function in src/exec.c in Logsurfer 1.5b and earlier, and Logsurfer+ 1.7 and earlier, allows remote attackers to execute arbitrary commands via crafted strings in a log file.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
drusus logsurfer 1.1
drusus logsurfer *
kerry_thompson logsurfer+ *
kerry_thompson logsurfer+ 1.6a
drusus logsurfer 1.3
drusus logsurfer 1.4
drusus logsurfer 1.5a
drusus logsurfer 1.5
kerry_thompson logsurfer+ 1.6b
kerry_thompson logsurfer+ 1.6
drusus logsurfer 1.2
kerry_thompson logsurfer+ 1.5b
drusus logsurfer 1.41
kerry_thompson logsurfer+ 1.5a