Description
Format string vulnerability in LocalSyslogAppender in Apache log4net 1.2.9 might allow remote attackers to cause a denial of service (memory corruption and termination) via unknown vectors.
Affected products
- apache / log4net1.2.9_beta – 1.2.9_beta
References
- VENDOR_ADVISORYhttp://secunia.com/advisories/22932
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/0955
- VENDOR_ADVISORYhttp://secunia.com/advisories/19241
- VENDOR_ADVISORYhttp://www.novell.com/linux/security/advisories/2006_26_sr.html
- MISChttp://issues.apache.org/jira/browse/LOG4NET-67
- MISChttp://www.osvdb.org/23905
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/25196
- MISChttp://www.securityfocus.com/bid/17095