[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
POSSIBLE Format string in chmod and chgrp
From: |
vpereira |
Subject: |
POSSIBLE Format string in chmod and chgrp |
Date: |
Wed, 24 Jan 2001 13:02:30 -0200 (EDT) |
I found a possible format string vulnerability in the source code of chmod chgrp
when "you" did printf (fmt, file, groupname);
or
printf (fmt, file, mode & 07777, &perms[1]);
i can't simulate the explotation but.. it is possible.
to patch it i had put it via sprintf into a buffer..
plis reply this email ?
Tanks for your attention
Victor Pereira - Security Analist
Modulo Security Solutions (www.modulo.com.br)
- POSSIBLE Format string in chmod and chgrp,
vpereira <=