Vulnerabilities > CVE-2006-3120 - Unspecified vulnerability in Brian Wotring Osiris
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Format string vulnerability in Brian Wotring Osiris before 4.2.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unspecified attack vectors related to the logging functions.
Vulnerable Configurations
Nessus
NASL family | Debian Local Security Checks |
NASL id | DEBIAN_DSA-1129.NASL |
description | Ulf Harnhammar and Max Vozeler from the Debian Security Audit Project have found several format string security bugs in osiris, a network-wide system integrity monitor control interface. A remote attacker could exploit them and cause a denial of service or execute arbitrary code. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 22671 |
published | 2006-10-14 |
reporter | This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/22671 |
title | Debian DSA-1129-1 : osiris - format string |
code |
|
References
- http://osiris.shmoo.com/ChangeLog
- http://osiris.shmoo.com/download.html
- http://secunia.com/advisories/21257
- http://secunia.com/advisories/21265
- http://www.debian.org/security/2006/dsa-1129
- http://www.osvdb.org/27645
- http://www.securityfocus.com/bid/19213
- http://www.vupen.com/english/advisories/2006/3072