[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Format string vulnerability in libutil pw_error(3) function
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Format string vulnerability in libutil pw_error(3) function
- From: Alex de Joode <usura_(_at_)_zedz_(_dot_)_net>
- Date: Wed, 4 Oct 2000 18:43:26 +0200
-A format string vulnerability present in the pw_error() function of
-OpenBSD 2.7's libutil library can yield localhost users root access
-through the setuid /usr/bin/chpass utility. This particular vulnerability
-was repaired three months ago on June 30th in OpenBSD-current during a
-complete source tree audit for format string problems.
Maybe an obvious question but, is OpenBSD 2.6 also vunrable ?
If so will there be a patch for 2.6 ?
(Or does the 2.7 patch work for 2.6 also ?)
Exit! Stage Left!
Visit your host, monkey.org