CVE-2004-0980
ez-ipupdate 3.0.10-3.0.11b8 - Remote Code Execution via Format String Vulnerability
Title source: llmDescription
Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code.
References (7)
Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/18032
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2004/dsa-592
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/13167/
Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/11657
Patch, Vendor Advisory vendor-advisory
x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200411-20.xml
Vendor Advisory vendor-advisory
x_refsource_mandrake
http://www.mandriva.com/security/advisories?name=MDKSA-2004:129
Mailing List mailing-list
x_refsource_fulldisc
http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/028590.html
Scores
EPSS
0.0158
EPSS Percentile
81.8%
Details
Status
published
Products (4)
angus_mackay/ez-ipupdate
3.0.11b5
angus_mackay/ez-ipupdate
3.0.11b8
debian/debian_linux
3.0 (12 CPE variants)
gentoo/linux
Published
Feb 09, 2005
Tracked Since
Feb 18, 2026