ISDN4Linux IPPPD Device String SysLog Format String Vulnerability

isdn4linux is a freely available, open source package of isdn compatibility tools. It is available for Linux operating systems.

isdn4linux contains a format string vulnerability in the ipppd utility. In some installations, this utility is installed with setuid root privileges. Exploitation of this vulnerability could lead to a local attacker executing code with administrative privileges.


Privacy Statement
Copyright 2010, SecurityFocus