Description
Format string vulnerability in log_doit function of Slurp NNTP client 1.1.0 allows a malicious news server to execute arbitrary code on the client via format strings in a server response.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by zillion · textdosfreebsd
https://www.exploit-db.com/exploits/21512
References (4)
Core 4
Core References
Mailing List mailing-list
x_refsource_vuln-dev
http://marc.info/?l=vuln-dev&m=102323341407280&w=2
Vendor Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/9270.php
Third Party Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-06/0014.html
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/4935
Scores
EPSS
0.0394
EPSS Percentile
88.4%
Details
Status
published
Products (1)
stephen_hebditch/slurp
1.1.0
Published
Oct 04, 2002
Tracked Since
Feb 18, 2026