Vulnerability Development mailing list archives
Re: man package / SuSe format string vulnerabilities
From: syzop <syz () DDS NL>
Date: Fri, 26 Jan 2001 16:16:22 +0100
confirmed on debian 2.2r2... tracing in source of man-db-2.3.16 (man-db-2.3.17 [latest I guess] same problem)...: -- [src/man.c:752]: if (!display ((cwd[0]?cwd:NULL), argv, NULL, basename(argv))) { if ( local_mf ) error (0, errno, argv); <----- HERE exit_status = NOT_FOUND; } -- [lib/error.c:80] error (int status, int errnum, const char *message, ...) -- [lib/error.c:102 (editted)] VA_START (args, message); vfprintf (stderr, message, args); -- Auch :) Cya Syzop. Joao Gouveia wrote:
Hi there, I'm sorry if this is a known issue, but i didn't find nothing related to format strings in this man package. Example follows: <quote> jroberto@spike:~ > cat /etc/issue Welcome to SuSE Linux 6.3 (i386) - Kernel \r (\l). jroberto@spike:~ > man -l %x%x%x%x man: 0bffff8600bffff85c: No such file or directory jroberto@spike:~ > man -V man, version 2.3.10, db 2.3.1, July 12th, 1995 (G.Wilford () ee surrey ac uk) </quote> AFAIK, suse 7.0 also ships with this 'man'. Can anyone confirm this? Best regards, Joao Gouveia -------------- tharbad () kaotik org
Current thread:
- man package / SuSe format string vulnerabilities Joao Gouveia (Jan 25)
- Re: man package / SuSe format string vulnerabilities syzop (Jan 26)
- Re: man package / SuSe format string vulnerabilities Sean (Jan 26)