Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Apr 16, 2026

CVE-2004-2571

Description

Multiple buffer overflows in EnderUNIX isoqlog 2.1.1 allow remote attackers to execute arbitrary code via the (1) parseQmailFromBytesLine, (2) parseQmailToRemoteLine, (3) parseQmailToLocalLine, (4) parseSendmailFromBytesLine, (5) parseSendmailToLine, (6) parseEximFromBytesLine, and (7) parseEximToLine functions in Parser.c; allow local users to execute arbitrary code via the (8) lowercase and (9) check_syslog_date functions in Parser.c, and (10) unspecified functions in Dir.c; and allow unspecified attackers to execute arbitrary code via the (11) loadconfig and (12) removespaces functions in loadconfig.c, the (13) loadLang function in LangCfg.c, and (14) unspecified functions in Html.c.

Affected products

Enderunix/Isoqlog2 versions
cpe:2.3:a:enderunix:isoqlog:2.1.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:enderunix:isoqlog:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:enderunix:isoqlog:2.2_beta:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/11741/nvdPatchVendor Advisory
securitytracker.com/idnvdPatch
www.securityfocus.com/bid/10433nvdPatch
archives.neohapsis.com/archives/bugtraq/2004-05/0298.htmlnvd
exchange.xforce.ibmcloud.com/vulnerabilities/16308nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000