LCDproc.TestFunc.Command.Arbitrary.Code.Execution
Description
This indicates a possible exploit of a Format String vulnerability in LCDProc.
The vulnerability is due to an error in test_func_func. It may allow remote attackers to execute arbitrary code by entering format string specifiers in the str variable.
Affected Products
LCDProc LCDProc 4.4 and earlier versions.
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Upgrade to LCDProc LCDProc 4.4
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |