mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands.Referenceshttp://archives.neohapsis.com/archives/freebsd/2000-08/0336.htmlhttp://www.redhat.com/support/errata/RHSA-2000-050.htmlhttp://cvsweb.netbsd.org/bsdweb.cgi/basesrc/usr.sbin/mopd/mopd/process.c.diff?r1=1.7&r2=1.8&f=hhttp://archives.neohapsis.com/archives/bugtraq/2000-08/0064.htmlhttp://www.openbsd.org/errata.html#mopdhttp://www.securityfocus.com/bid/1559
