Security Advisory

CVE-2004-1097

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2004-12-01 05:00:00

Last updated 2024-08-08 00:39:00

Assigner mitre

State PUBLISHED

Description

Format string vulnerability in the cherokee_logger_ncsa_write_string function in Cherokee 0.4.17 and earlier, when authenticating via auth_pam, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via format string specifiers in the URL.

← Browse all CVEs View on cve.org ↗