[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

POSSIBLE Format string in chmod and chgrp

From: vpereira
Subject: POSSIBLE Format string in chmod and chgrp
Date: Wed, 24 Jan 2001 13:02:30 -0200 (EDT)

I found a possible format string vulnerability in the source code of chmod chgrp

when "you" did   printf (fmt, file, groupname);
                   printf (fmt, file, mode & 07777, &perms[1]);

i can't simulate the explotation but.. it is possible.
to patch it i had put it via sprintf into a buffer..

plis reply this email ? 

Tanks for your attention

Victor Pereira - Security Analist

Modulo Security Solutions (www.modulo.com.br)

reply via email to

[Prev in Thread] Current Thread [Next in Thread]