{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2004-06-19T04:00:00.000Z", "descriptions": [{"lang": "en", "value": "Multiple format string vulnerabilities in the (1) logquit, (2) logerr, or (3) loginfo functions in Software Upgrade Protocol (SUP) allows remote attackers to execute arbitrary code via format string specifiers in messages that are logged by syslog."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-10T18:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "1010539", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1010539"}, {"name": "DSA-521", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2004/dsa-521"}, {"name": "sup-format-string(16459)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16459"}, {"name": "10571", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/10571"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0451", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple format string vulnerabilities in the (1) logquit, (2) logerr, or (3) loginfo functions in Software Upgrade Protocol (SUP) allows remote attackers to execute arbitrary code via format string specifiers in messages that are logged by syslog."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1010539", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1010539"}, {"name": "DSA-521", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-521"}, {"name": "sup-format-string(16459)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16459"}, {"name": "10571", "refsource": "BID", "url": "http://www.securityfocus.com/bid/10571"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T00:17:14.962Z"}, "title": "CVE Program Container", "references": [{"name": "1010539", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1010539"}, {"name": "DSA-521", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2004/dsa-521"}, {"name": "sup-format-string(16459)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16459"}, {"name": "10571", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/10571"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0451", "datePublished": "2004-06-30T08:00:00.000Z", "dateReserved": "2004-05-06T04:00:00.000Z", "dateUpdated": "2024-08-08T00:17:14.962Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sup:sup:1.8:*:*:*:*:*:*:*", "matchCriteriaId": "91F983C9-A28C-4D0A-A413-CE8BC2215AD4", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*", "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*", "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*", "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*", "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*", "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*", "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*", "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*", "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple format string vulnerabilities in the (1) logquit, (2) logerr, or (3) loginfo functions in Software Upgrade Protocol (SUP) allows remote attackers to execute arbitrary code via format string specifiers in messages that are logged by syslog."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de cadena de formato en las funciones (1) logquit, (2) logerr, o (3) loginfo en Software Upgrade Protocol (SUP) permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante especificadores de cadena de formato en mensajes que son registrados por syslog."}], "id": "CVE-2004-0451", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2004-12-06T05:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1010539"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.debian.org/security/2004/dsa-521"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/10571"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16459"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1010539"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.debian.org/security/2004/dsa-521"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/10571"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16459"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}