VULHUB ™

zkfingerd is prone to a format string vulnerability. This problem is due to incorrect use of the 'syslog()' function to log error messages. It is possible to corrupt memory by passing format strings through the vulnerable logging function. This may potentially be exploited to overwrite arbitrary locations in memory with attacker-specified values. Successful exploitation of this issue may allow the attacker to execute arbitrary instructions, possibly, with elevated privileges.

zkfingerd is prone to a format string vulnerability. This problem is due to incorrect use of the 'syslog()' function to log error messages. It is possible to corrupt memory by passing format strings through the vulnerable logging function. This may potentially be exploited to overwrite arbitrary locations in memory with attacker-specified values. Successful exploitation of this issue may allow the attacker to execute arbitrary instructions, possibly, with elevated privileges.