Re: Webmin miniserv.pl format string vulnerability

[H D Moore <fdlist () digitaloffense net>]

As many folks have pointed out and consistent with the recent Dyad 
advisory, these bugs are indeed exploitable. I only mention this because 
a reporter quoted someone who quoted my original message and then used it 
to downplay the severity of the problem. 

$ perl -e 'printf("%2918905856\$vs")'

-HD


On Tuesday 29 November 2005 11:15, H D Moore wrote:
> On Tuesday 29 November 2005 04:07, advisory () dyadsecurity com wrote:
> > [snip ] so so if remote code execution is successful, it would
> > lead to a full remote root compromise in a standard configuration.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/