Kaspersky Anti-Virus for Linux Servers is an anti-virus system for file and application servers and also for e-mail gateways such as Sendmail, Qmail and Postfix. A format string vulnerability exists in the 'avpkeeper' program included with Kaspersky Anti-Virus for Sendmail. The problem occurs when an e-mail address containing string format specifiers is logged using the syslog() C library function. As a result, it may be possible for a remote attacker to use format specifiers to overwrite arbitrary locations in memory, causing a denial of service or the execution of arbitrary code on the host running KAV.
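The standard remedy for this class of bug is to give syslog() a constant format string and pass the e-mail address only as an argument. The block below is an added example, not code from avpkeeper or from this advisory; the function names, the log message text and the sample address are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <syslog.h>

/* Vulnerable pattern described above (kept as a comment, never executed):
 *     syslog(LOG_INFO, addr);    // the untrusted address becomes the format
 */

/* Hardened form: constant format string, address passed strictly as data. */
void log_sender(const char *addr)
{
    syslog(LOG_INFO, "message from %s", addr);
}

/* Same formatting rule applied to a buffer so the result can be inspected.
 * Returns the number of bytes written, or -1 on truncation or error. */
int render_sender(char *out, size_t outlen, const char *addr)
{
    int n = snprintf(out, outlen, "message from %s", addr);
    return (n < 0 || (size_t)n >= outlen) ? -1 : n;
}

/* Counts conversion specifiers in an address so suspicious input can be
 * flagged for review. "%%" is a literal percent sign and is not counted. */
int count_format_specifiers(const char *s)
{
    int count = 0;
    for (; *s; s++) {
        if (*s != '%') continue;
        if (s[1] == '%') { s++; continue; }
        if (s[1] != '\0') count++;
    }
    return count;
}

int main(void)
{
    const char *addr = "%x%x%n@example.invalid"; /* constructed sample input */
    char line[128];
    if (render_sender(line, sizeof line, addr) > 0)
        printf("%s (specifiers seen: %d)\n", line, count_format_specifiers(addr));
    log_sender(addr); /* logged byte for byte, nothing is interpreted */
    return 0;
}
```

Building with `-Wformat -Wformat-security` makes GCC and Clang warn about calls that pass a non-literal string as the format with no arguments, which is the pattern shown in the comment.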