<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Vulnerability Development: Re: stackguard-like embedded protection

Re: stackguard-like embedded protection

From: Greg KH <greg_at_WIREX.COM>
Date: Tue, 5 Sep 2000 21:57:27 -0700

On Tue, Sep 05, 2000 at 05:09:20PM +0200, typo_at_INFERNO.TUSCULUM.EDU wrote:
>
> where's the need for research? i've made glibc rpms without %n the day
> the first format bugs went to bugtraq, and had them installed on all of my
> [linux] machines since then...

That doesn't solve much, as there are a bunch of programs out there that
actually _use_ the '%n' modifier legitimately. Once the format bugs came
out, I did a scan of all of the source code on a RedHat box. There are
more programs that use '%n' than I expected. I can dig up the list if
people want.

So a "real" solution can't just ignore the C Standard. And just
removing '%n' isn't a "real" solution.

greg k-h

--
greg@(kroah|wirex).com

Received on Sep 06 2000

This message: [ Message body ]
Next message: Bluefish (P.Magnusson): "Re: PCAnywhere Info"
Previous message: Bluefish (P.Magnusson): "Re: stackguard-like embedded protection"
In reply to: typo_at_INFERNO.TUSCULUM.EDU: "Re: stackguard-like embedded protection"
Next in thread: Juliano Rizzo: "Re: stackguard-like embedded protection"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos