Vulnerabilities > SUP

DATE CVE VULNERABILITY TITLE RISK
2004-12-06 CVE-2004-0451 Remote Syslog Format String vulnerability in Sup
Multiple format string vulnerabilities in the (1) logquit, (2) logerr, or (3) loginfo functions in Software Upgrade Protocol (SUP) allows remote attackers to execute arbitrary code via format string specifiers in messages that are logged by syslog.
network
low complexity
sup debian
critical
10.0
2003-08-27 CVE-2003-0606 sup 1.8 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files.
local
low complexity
cvsup sup
4.6