CVE-2001-0869

Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands.

Score7.5
Access VectorNETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactPARTIAL
Integrity ImpactPARTIAL
Availability ImpactPARTIAL
Published2001-12-21 12:00:00.000-05
Last Modified2018-05-02 09:29:14.000-04

Vulnerable Software List

VendorProductVersions
Caldera Openlinux Eserver 3.1
Caldera Openlinux Workstation 3.1
Redhat Linux Powertools 6.2
Redhat Linux 7.0, 7.2
Suse Suse Linux 7.0, 7.1, 7.2, 7.3

References

SourceLink
FREEBSDFreeBSD-SA-02:15
CONECTIVACLA-2001:444
MANDRAKEMDKSA-2002:018
SUSESuSE-SA:2001:042
CALDERACSSA-2001-040.0
REDHATRHSA-2001:150
REDHATRHSA-2001:151
BID3498
XFcyrus-sasl-format-string(7443)