• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Rob Brown Net-Server Perl Module Logging Function Format String Vulnerability

Net-Server API is prone to a remote format-string vulnerability. The issue resides in the 'log' subroutine of the 'Server.pm' module.

This vulnerability may occur when an application uses the 'log' subroutine of the affected module to handle malicious data passed through a network request.

A successful attack may crash the server or lead to arbitrary code execution. This may facilitate unauthorized access or privilege escalation in the context the server.