Generic Format String Detection

critical Nessus Plugin ID 11133

Synopsis

It may be possible to execute code on the remote host.

Description

Nessus killed the remote service by sending it specially crafted data. The remote service seems to be vulnerable to a format string attack. An attacker might use this flaw to make it crash or even execute arbitrary code on this host.

Solution

Upgrade the software or contact the vendor regarding this vulnerability.

Plugin Details

Severity: Critical

ID: 11133

File Name: misc_format_string.nasl

Version: Revision: 1.27

Type: remote

Family: Misc.

Published: 11/12/2002

Updated: 5/24/2014

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: Settings/ParanoidReport

Detections

Analytics