VULHUB ™

A vulnerability has been reported for plpnfsd that may result in an attacker obtaining elevated privileges on the vulnerable system. Due to a programming error, it may be possible to exploit a format string vulnerability in plpnfsd. A logging function in plpnfsd contains insecure syslog() calls. This could result in the execution of attacker-supplied code. In the event that this vulnerability is exploited, an attacker could cause arbitrary locations in memory to be corrupted with attacker-specified data and execute code with elevated privileges. *** New information has been made available that suggests version 0.11 is vulnerable. It was previously believed that this issue was fixed in its release.

A vulnerability has been reported for plpnfsd that may result in an attacker obtaining elevated privileges on the vulnerable system. Due to a programming error, it may be possible to exploit a format string vulnerability in plpnfsd. A logging function in plpnfsd contains insecure syslog() calls. This could result in the execution of attacker-supplied code. In the event that this vulnerability is exploited, an attacker could cause arbitrary locations in memory to be corrupted with attacker-specified data and execute code with elevated privileges. *** New information has been made available that suggests version 0.11 is vulnerable. It was previously believed that this issue was fixed in its release.