|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Przemyslaw Frasunek (venglin
FREEBSD.LUBLIN.PL)Date: Fri Jan 26 2001 - 15:55:19 CST
Hello,
Mars_nwe 0.99.pl19 is vulnerable to remote format string vulnerability,
allowing to gain superuser privileges from DOS/Windows workstations
attached to mars server.
Here is the patch:
--- tools.c.orig Fri Jan 26 22:46:34 2001
+++ tools.c Fri Jan 26 22:46:59 2001
-189,7 +189,7
sprintf(identstr, "%s %d %3d", get_debstr(0),
act_connection, act_ncpsequence);
openlog(identstr, LOG_CONS, LOG_DAEMON);
- syslog(LOG_DEBUG, buf);
+ syslog(LOG_DEBUG, "%s", buf);
closelog();
} else {
int l=strlen(buf);
-249,7 +249,7
}
sprintf(identstr, "%s %d %3d", get_debstr(0), act_connection, act_ncpsequence);
openlog(identstr, LOG_CONS, LOG_DAEMON);
- syslog(prio, buf);
+ syslog(prio, "%s", buf);
closelog();
if (!mode) return;
lologfile=stderr;
-- * Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NIC-HDL: PMF9-RIPE * * Inet: przemyslaw
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]