Vulnerabilities > CVE-2004-0393 - Multiple vulnerability in Rlpr msg() Function
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Format string vulnerability in the msg function for rlpr daemon (rlprd) 2.0.4 allows remote attackers to execute arbitrary code via format string specifiers in a buffer that can not be resolved, which is provided to the syslog function.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 5 |
Exploit-Db
description rlpr <= 2.04 msg() Remote Format String Exploit. CVE-2004-0393. Remote exploit for linux platform id EDB-ID:307 last seen 2016-01-31 modified 2004-06-25 published 2004-06-25 reporter jaguar source https://www.exploit-db.com/download/307/ title rlpr <= 2.04 msg Remote Format String Exploit description Rlpr 2.0 msg() Function Multiple Vulnerabilities. CVE-2004-0393. Remote exploit for linux platform id EDB-ID:24223 last seen 2016-02-02 modified 2004-06-19 published 2004-06-19 reporter [email protected] source https://www.exploit-db.com/download/24223/ title Rlpr 2.0 msg Function Multiple Vulnerabilities
Nessus
NASL family | Debian Local Security Checks |
NASL id | DEBIAN_DSA-524.NASL |
description | discovered a format string vulnerability in rlpr, a utility for lpd printing without using /etc/printcap. While investigating this vulnerability, a buffer overflow was also discovered in related code. By exploiting one of these vulnerabilities, a local or remote user could potentially cause arbitrary code to be executed with the privileges of 1) the rlprd process (remote), or 2) root (local). CAN-2004-0393: format string vulnerability via syslog(3) in msg() function in rlpr CAN-2004-0454: buffer overflow in msg() function in rlpr |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 15361 |
published | 2004-09-29 |
reporter | This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/15361 |
title | Debian DSA-524-1 : rlpr - several vulnerabilities |