Format string vulnerability in libutil pw_error(3) function
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Format string vulnerability in libutil pw_error(3) function
- From: Alex de Joode <usura_(_at_)_zedz_(_dot_)_net>
- Date: Wed, 4 Oct 2000 18:43:26 +0200
-SYNOPSIS
-
-A format string vulnerability present in the pw_error() function of
-OpenBSD 2.7's libutil library can yield localhost users root access
-through the setuid /usr/bin/chpass utility. This particular vulnerability
-was repaired three months ago on June 30th in OpenBSD-current during a
-complete source tree audit for format string problems.
Maybe an obvious question, but is OpenBSD 2.6 also vulnerable?
If so, will there be a patch for 2.6?
(Or does the 2.7 patch work for 2.6 also?)
--
Exit! Stage Left!