Full Disclosure mailing list archives
[+] Vulnerability in less version 394 and prior
From: glopeda.com <glopeda () glopeda com>
Date: Wed, 31 Oct 2007 00:29:15 -0400
From: glopeda () glopeda com
Application: less 394 and prior
Type: Format strings vulnerability
Priority: Low

There exists a format strings bug in the less application present in most flavors of UNIX. It could be leveraged for privilege escalation if the calling application is setuid/setgid and does not properly drop privileges.

Meager demonstration:

$ export LESSOPEN=%s%n
$ less somefile
Segmentation fault
$

See http://www.glopeda.com for more details.

--
Site: http://www.glopeda.com
E-mail: glopeda () glopeda com
Name: Mitch

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
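An added example, not part of the original post and not code from less: one way a program that expands a `LESSOPEN`-style template could refuse anything other than a single `%s` before handing the string to a printf-family function. The function names `template_is_safe` and `expand_template` are hypothetical, and the sample file name is constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Return 1 only if tmpl holds exactly one "%s" and no other conversion.
 * "%%" (a literal percent) is allowed. Anything else, such as "%n",
 * "%x", a flag or width like "%10s", or a trailing '%', is rejected. */
int template_is_safe(const char *tmpl)
{
    int count = 0;
    if (tmpl == NULL)
        return 0;
    for (const char *p = tmpl; *p != '\0'; p++) {
        if (*p != '%')
            continue;
        p++;                      /* look at the conversion character */
        if (*p == '%')
            continue;             /* literal percent */
        if (*p != 's')
            return 0;             /* also catches '\0' after a trailing '%' */
        count++;
    }
    return count == 1;
}

/* Expand tmpl with filename into out. Returns 0 on success, -1 if the
 * template is rejected or the result does not fit in outlen bytes. */
int expand_template(const char *tmpl, const char *filename,
                    char *out, size_t outlen)
{
    if (!template_is_safe(tmpl))
        return -1;
    int n = snprintf(out, outlen, tmpl, filename);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

/* Demo: validate the environment value and only print the expansion. */
int main(int argc, char **argv)
{
    const char *tmpl = getenv("LESSOPEN");
    char cmd[4096];
    if (tmpl == NULL)
        return 0;                 /* nothing to expand */
    if (expand_template(tmpl, argc > 1 ? argv[1] : "somefile", cmd, sizeof cmd) != 0) {
        fprintf(stderr, "LESSOPEN ignored: must contain exactly one %%s\n");
        return 1;
    }
    printf("expanded: %s\n", cmd);
    return 0;
}
```

A setuid/setgid program that starts a pager can additionally remove `LESSOPEN` from the environment before the exec, so the template never reaches the pager with elevated privileges.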