CVE-2004-2386

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2004-2386

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2004-2386.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2004-2386

Downstream

DEBIAN-CVE-2004-2386

Published

2004-12-31T05:00:00Z

Modified

2025-08-09T20:01:26Z

Summary

[none]

Details

Format string vulnerability in the LogMsg function in sercd before 2.3.1 and sredird 2.2.1 and earlier allows remote attackers to execute arbitrary code via format string specifiers passed from the HandleCPCCommand function.

References

http://secunia.com/advisories/12351
http://www.osvdb.org/8375
http://www.securityfocus.com/bid/11031
http://cvs.lysator.liu.se/viewcvs/viewcvs.cgi/sercd/sercd.c?root=sercd
http://securitytracker.com/id?1011038
http://www.osvdb.org/9104
http://www.securityfocus.com/bid/11002
https://exchange.xforce.ibmcloud.com/vulnerabilities/17056

CVE-2004-2386

Affected packages