Vulnerabilities (CVE)

Filtered by vendor Sup Subscribe
Filtered by product Sup
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2004-0451 2 Debian, Sup 2 Debian Linux, Sup 2024-11-20 10.0 HIGH N/A
Multiple format string vulnerabilities in the (1) logquit, (2) logerr, or (3) loginfo functions in Software Upgrade Protocol (SUP) allows remote attackers to execute arbitrary code via format string specifiers in messages that are logged by syslog.
CVE-2003-0606 2 Cvsup, Sup 2 Cvsup-mirror, Sup 2024-11-20 4.6 MEDIUM N/A
sup 1.8 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files.