FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

ezbounce remote format string vulnerability

Affected packages
ezbounce < 1.04.a_1

Details

VuXML ID c480eb5e-7f00-11d8-868e-000347dd607f
Discovery 2003-07-01
Entry 2004-03-26
Modified 2004-03-29

A security hole exists that can be used to crash the proxy and execute arbitrary code. An exploit is circulating that takes advantage of this, and in some cases succeeds in obtaining a login shell on the machine.

References

Bugtraq ID 8071
CVE Name CVE-2003-0510
URL http://ezbounce.dc-team.com/