LCDproc.TestFunc.Command.Arbitrary.Code.Execution

description-logoDescription

This indicates a possible exploit of a Format String vulnerability in LCDProc.
The vulnerability is due to an error in test_func_func. It may allow remote attackers to execute arbitrary code by entering format string specifiers in the str variable.

affected-products-logoAffected Products

LCDProc LCDProc 4.4 and earlier versions.

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Upgrade to LCDProc LCDProc 4.4

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)