FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

sup -- format string vulnerability

Affected packages
sup < 2.0.20050226

Details

VuXML ID 2c5757f4-88bf-11d9-8720-0007e900f87b
Discovery 2004-06-19
Entry 2005-02-27

Debian Security Advisory reports:

jaguar@felinemenace.org discovered a format string vulnerability in sup, a set of programs to synchronize collections of files across a number of machines, whereby a remote attacker could potentially cause arbitrary code to be executed with the privileges of the supfilesrv process (this process does not run automatically by default).

References

Bugtraq ID 10571
CVE Name CVE-2004-0451
URL http://www.securityfocus.com/advisories/6874