Unrated severityNVD Advisory· Published Feb 9, 2005· Updated Apr 16, 2026

CVE-2004-0980

Description

Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code.

Affected products

Angus Mackay/Ez Ipupdate2 versions
cpe:2.3:a:angus_mackay:ez-ipupdate:3.0.11b5:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:angus_mackay:ez-ipupdate:3.0.11b5:*:*:*:*:*:*:*
- cpe:2.3:a:angus_mackay:ez-ipupdate:3.0.11b8:*:*:*:*:*:*:*
Debian/Debian Linux12 versions
cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*+ 11 more
- cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*
Gentoo/Linux
cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.gentoo.org/security/en/glsa/glsa-200411-20.xmlnvdPatchVendor Advisory
www.securityfocus.com/bid/11657nvdPatchVendor Advisory
lists.grok.org.uk/pipermail/full-disclosure/2004-November/028590.htmlnvd
secunia.com/advisories/13167/nvd
www.debian.org/security/2004/dsa-592nvd
www.mandriva.com/security/advisoriesnvd
exchange.xforce.ibmcloud.com/vulnerabilities/18032nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000