Format string vulnerability in Network Solutions Rwhoisd 1.5.7.2 and earlier, when using syslog, allows remote attackers to corrupt memory and possibly execute arbitrary code via a rwhois request that contains format specifiers.
| Software | From | Fixed in |
|---|---|---|
| network_solutions / rwhoisd | 1.5 | 1.5.x |
| network_solutions / rwhoisd | 1.5.1a | 1.5.1a.x |
| network_solutions / rwhoisd | 1.5.2 | 1.5.2.x |
| network_solutions / rwhoisd | 1.5.3 | 1.5.3.x |
| network_solutions / rwhoisd | 1.5.5 | 1.5.5.x |
| network_solutions / rwhoisd | 1.5.6 | 1.5.6.x |
| network_solutions / rwhoisd | 1.5.7 | 1.5.7.x |
| network_solutions / rwhoisd | 1.5.7.1 | 1.5.7.1.x |
| network_solutions / rwhoisd | 1.5.7.2 | 1.5.7.2.x |