CVE-2005-2409

{"id": "CVE-2005-2409", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2005-08-01T04:00:00.000", "references": [{"url": "http://people.freebsd.org/~niels/issues/nbsmtp-20050726.txt", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/16279", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/16324", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/14441", "source": "cve@mitre.org"}, {"url": "http://www.vuxml.org/freebsd/debbb39c-fdb3-11d9-a30d-00b0d09acbfc.html", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21674", "source": "cve@mitre.org"}, {"url": "http://people.freebsd.org/~niels/issues/nbsmtp-20050726.txt", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/16279", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/16324", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/14441", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vuxml.org/freebsd/debbb39c-fdb3-11d9-a30d-00b0d09acbfc.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21674", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Format string vulnerability in util.c in nbsmtp 0.99 and earlier, while running in debug mode, allows remote attackers to execute arbitrary code via format string specifiers that are not properly handled in a syslog call."}, {"lang": "es", "value": "Vulnerabilidad de formateo de cadenas en util.c en nbsmtp 0.99 y anteriores, mientras se ejecuta en modo debug, permite que atacantes remotos ejecuten c\u00f3digo arbitrario mediante especificadores de formato de cadena que no se manejan adecuadamente en una llamada syslog."}], "lastModified": "2025-04-03T01:03:51.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nbsmtp:nbsmtp:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D02656B-2768-4727-A470-BCD5CFC10CB0", "versionEndIncluding": "0.99"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}