POSSIBLE Format string in chmod and chgrp

bug-fileutils

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

POSSIBLE Format string in chmod and chgrp

From:	vpereira
Subject:	POSSIBLE Format string in chmod and chgrp
Date:	Wed, 24 Jan 2001 13:02:30 -0200 (EDT)

I found a possible format string vulnerability in the source code of chmod chgrp

when "you" did   printf (fmt, file, groupname);
                 or
                   printf (fmt, file, mode & 07777, &perms[1]);

i can't simulate the explotation but.. it is possible.
to patch it i had put it via sprintf into a buffer..

plis reply this email ? 

Tanks for your attention

Victor Pereira - Security Analist

Modulo Security Solutions (www.modulo.com.br)

[Prev in Thread]

Current Thread

[Next in Thread]

POSSIBLE Format string in chmod and chgrp, vpereira <=
- Re: POSSIBLE Format string in chmod and chgrp, Bob Proulx, 2001/01/24

Prev by Date: Speicherplatz
Next by Date: Re: POSSIBLE Format string in chmod and chgrp
Previous by thread: Speicherplatz
Next by thread: Re: POSSIBLE Format string in chmod and chgrp
Index(es):
- Date
- Thread