Test case 1735

Cves: CVE-2000-0867
Type: source code
State: bad
Status: candidate
Language: C
Submission Date: 16 Aug 2006

Description

This sample contains the format string vulnerability CVE-2000-0867 from sysklogd 1.3.30. The flaw is found when the LogLine() function of klogd.c calls the Syslog() function in the same file.

Flaws

CWE-134 Use of Externally-Controlled Format String

Have any comments on this test case? Please, send us an email.