Format string vulnerability in Network Solutions Rwhoisd 1.5.x allows remote attackers to execute arbitrary code via format string specifiers in the -soa command.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| network_solutions | rwhoisd | 1.5.x |
Format string vulnerability in Network Solutions Rwhoisd 1.5.7.2 and earlier, when using syslog, allows remote attackers to corrupt memory and possibly execute arbitrary code via a rwhois request that contains format specifiers.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| network_solutions | rwhoisd | 1.5.6 |
| network_solutions | rwhoisd | 1.5.7.1 |
| network_solutions | rwhoisd | 1.5.5 |
| network_solutions | rwhoisd | 1.5 |
| network_solutions | rwhoisd | 1.5.2 |
| network_solutions | rwhoisd | 1.5.7 |
| network_solutions | rwhoisd | 1.5.3 |
| network_solutions | rwhoisd | 1.5.7.2 |
| network_solutions | rwhoisd | 1.5.1a |