CVE-2003-1236

Tanne 0.6.17 - RCE

Title source: llm

Description

Multiple format string vulnerabilities in the logger function in netzio.c for Tanne 0.6.17 allows remote attackers to execute arbitrary code via format string specifiers in syslog.

Exploits (1)

exploitdb WORKING POC VERIFIED

by dong-h0un yoU · cremotelinux

https://www.exploit-db.com/exploits/22135

View Code ZIP pw:eip

References (8)

[Exploit, Patch] http://www.securityfocus.com/bid/6553

[Patch] http://tanne.fluxnetz.de/download/tanne-0.7.1.tar.bz2

[Third Party Advisory] http://www.iss.net/security_center/static/11006.php

[Exploit, Patch] http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0011.html

[Exploit] http://www.securityfocus.com/archive/1/305663

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1005900

[Third Party Advisory] http://secunia.com/advisories/7831

[Exploit, Patch] http://www.securityfocus.com/archive/1/305460

Scores

EPSS 0.2756

EPSS Percentile 96.4%

Details

Status published

Products (1)

tanne/tanne 0.6.17

Published Dec 31, 2003

Tracked Since Feb 18, 2026