tripwire format string vulnerability
| Package(s): | tripwire | CVE #(s): | CAN-2004-0536 | ||||||||||||||||
| Created: | June 4, 2004 | Updated: | July 7, 2004 | ||||||||||||||||
| Description: | The code that generates email reports contains a format string vulnerability in pipedmailmessage.cpp. With a carefully crafted filename on a local filesystem an attacker could cause execution of arbitrary code with permissions of the user running tripwire, which could be the root user. See this advisory on SecurityFocus for more details. | ||||||||||||||||||
| Alerts: |
| ||||||||||||||||||