VULHUB ™

The Deception Finger Daemon (decfingerd) is prone to a format string vulnerability. This may be exploited by remote attackers to potentially execute arbitrary instructions with the privileges of the decfingerd process (normally root). This problem is the result of unsafe use of the syslog() to log externally supplied data.

The Deception Finger Daemon (decfingerd) is prone to a format string vulnerability. This may be exploited by remote attackers to potentially execute arbitrary instructions with the privileges of the decfingerd process (normally root). This problem is the result of unsafe use of the syslog() to log externally supplied data.