cpe:/a:denis_sbragion:sredird:1.0 cpe:/a:denis_sbragion:sredird:1.1.6 cpe:/a:denis_sbragion:sredird:1.1.7 cpe:/a:denis_sbragion:sredird:1.1.8 cpe:/a:denis_sbragion:sredird:2.0 cpe:/a:denis_sbragion:sredird:2.1 cpe:/a:denis_sbragion:sredird:2.2 cpe:/a:denis_sbragion:sredird:2.2.1 cpe:/a:peter_astrand:sercd:2.3.0 CVE-2004-2386 2004-12-31T00:00:00.000-05:00 2017-07-10T21:31:51.157-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-08-23T08:47:00.000-04:00 ALLOWS_USER_ACCESS SECTRACK 1011038 BID 11002 BID 11031 SECUNIA 12351 OSVDB 8375 OSVDB 9104 CONFIRM http://cvs.lysator.liu.se/viewcvs/viewcvs.cgi/sercd/sercd.c?root=sercd XF sredird-logmsg-format-string(17056) Format string vulnerability in the LogMsg function in sercd before 2.3.1 and sredird 2.2.1 and earlier allows remote attackers to execute arbitrary code via format string specifiers passed from the HandleCPCCommand function.