• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

DConnect Daemon Multiple Format String Vulnerabilities

DConnect Daemon is prone to multiple remote format-string because the application fails to sanitize user-supplied input before passing it to a formatted-output function.

An attacker can exploit these issues to execute arbitrary code within the context of the server.

Version 0.7.0, CVS July 30, 2006 and prior versions are vulnerable to this issue.