MidnightBSD

Advisories for kerry_thompson

CVE-2011-3626 HIGH

Double free vulnerability in the prepare_exec function in src/exec.c in Logsurfer 1.5b and earlier, and Logsurfer+ 1.7 and earlier, allows remote attackers to execute arbitrary commands via crafted strings in a log file.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
drusus logsurfer 1.2
drusus logsurfer 1.5a
kerry_thompson logsurfer+ 1.6b
drusus logsurfer 1.1
kerry_thompson logsurfer+ 1.5a
drusus logsurfer 1.3
drusus logsurfer 1.41
drusus logsurfer 1.4
kerry_thompson logsurfer+ *
drusus logsurfer 1.5
kerry_thompson logsurfer+ 1.6
drusus logsurfer *
kerry_thompson logsurfer+ 1.5b
kerry_thompson logsurfer+ 1.6a