Bugtraq mailing list archives

Re: [RHSA-2000:039-02] remote root exploit (SITE EXEC) fixed

From: venglin () FREEBSD LUBLIN PL (Przemyslaw Frasunek)
Date: Sat, 24 Jun 2000 09:22:48 +0200

3. Problem description:
An exploitable buffer overrun existed in wu-ftpd code's status update code.
Fixed by adding bounds checking by passing the status strings through %s.


Yet another clueless advisory. I say it loudly: THIS IS NOT BUFFER OVERFLOW
ATTACK. All applications that doesn't use format strings properly are vulnerable
to <retloc>%.f%.f%.f %.<ret>d%n attack.

--
* Fido: 2:480/124 ** WWW: http://www.freebsd.lublin.pl ** NIC-HDL: PMF9-RIPE *
* Inet: venglin () freebsd lublin pl ** PGP: D48684904685DF43  EA93AFA13BE170BF *

Current thread:

[RHSA-2000:039-02] remote root exploit (SITE EXEC) fixed bugzilla () REDHAT COM (Jun 23)
- Re: [RHSA-2000:039-02] remote root exploit (SITE EXEC) fixed Przemyslaw Frasunek (Jun 24)