OpenFTPD Remote Message Format String Vulnerability
Solution: It has been reported that the vendor has provided the following patch; this has not been confirmed. It should be noted that Symantec has not tested this patch.

cat > openftpd_formatstring.patch << _EOF_ --- openftpd-daily.orig/src/misc/msg.c 2004-07-05 22:02:43.000000000 +0200 +++ openftpd-daily/src/misc/msg.c 2004-07-13 18:05:01.000000000 +0200 @@ -319,7 +319,7 @@ while (fgets(buff, 67, file)) { if (*(buff+strlen(buff)-1) == '\n') *(buff+strlen(buff)-1) = 0; sprintf(str, " !C| !0%-66s !C|!0\n", buff); - printf(str); + printf("%s", str); } fclose(file); printf("!C \\__________________________________________________!Hend of message!C__/!0\n");

Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.
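
Review bot: the unchanged context line `sprintf(str, " !C| !0%-66s !C|!0\n", buff);` still formats into `str` with no length limit, and the size of `str` is not visible in this hunk, so the write cannot be checked from here. In the visible lines `str` is only used for the one `printf`, so the intermediate buffer can be dropped and the line printed directly with `printf(" !C| !0%-66s !C|!0\n", buff);`, which keeps the file content out of the format argument and removes the copy; if `str` must stay, use `snprintf` with the buffer's size. Separately, in the newline-stripping line, `*(buff+strlen(buff)-1)` reads one byte before `buff` when a line from the file begins with a NUL byte (`strlen(buff)` is 0), so check the length before indexing.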