Intrusion Prevention

OpenVMPS.Logging.Format.String

Description

It indicates a possible exploit of a format string vulnerability in the vmps_log function in OpenVMPS (VLAN Management Policy Server), that may allow remote attackers to execute arbitrary code.

Affected Products

OpenVMPS OpenVMPS 1.3

Impact

Execute arbitrary code in the context of affected application.

Recommended Actions

The vendor has released fixes in its CVS repository.
http://vmps.cvs.sourceforge.net/vmps/vmpsd/

CVE References

CVE-2005-4714