Vulnerabilities > CVE-2006-0681 - Remote Format String vulnerability in PowerD

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

power-daemon

exploit available

NVD

Published: 2006-02-15

Updated: 2017-07-20

Summary

Format string vulnerability in powerd.c in Power Daemon (powerd) 2.0.2 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the WHATIDO variable.

Vulnerable Configurations

Part	Description	Count
Application	Power_Daemon Power Daemon Power Daemon 2.0.0 Power Daemon Power Daemon 2.0.0.1 Power Daemon Power Daemon 2.0.1 Power Daemon Power Daemon 2.0.1.1 Power Daemon Power Daemon 2.0.2	5

Exploit-Db

description	Power Daemon <= 2.0.2 (WHATIDO) Remote Format String Exploit. CVE-2006-0681. Remote exploit for linux platform
id	EDB-ID:1486
last seen	2016-01-31
modified	2006-02-10
published	2006-02-10
reporter	Gotfault Security
source	https://www.exploit-db.com/download/1486/
title	Power Daemon <= 2.0.2 WHATIDO Remote Format String Exploit

Summary

Vulnerable Configurations

Exploit-Db

References