|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: root (root
cow.net)Date: Thu Oct 25 2001 - 12:23:53 CDT
Hello,
there is a serious bug in RWhoisd by NSI on all versions.
it is possible for a user to supply the format string
passed to print_error() simpley by using the "-soa" directive.
the results are obvious, we can write almost anywhere in the
proc's memory thus executing code as the user running rwhoisd.
(usually rwhoisd , but can easily become root if rwhoisd.conf writeable)
- TEXT/PLAIN attachment: gen.c
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]