MidnightBSD

Advisories for sup

CVE-2003-0606 MEDIUM

sup 1.8 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
cvsup cvsup-mirror 1.2
sup sup 1.8
CVE-2004-0451 HIGH

Multiple format string vulnerabilities in the (1) logquit, (2) logerr, or (3) loginfo functions in Software Upgrade Protocol (SUP) allows remote attackers to execute arbitrary code via format string specifiers in messages that are logged by syslog.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
debian debian_linux 3.0
sup sup 1.8