OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Alfred Perlstein (brightmu.org)
Date: Mon Apr 29 2002 - 16:49:29 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    * Piotr Wiejaczka <wiejakalpha.net.pl> [020429 14:44] wrote:
    > Hi all.
    >
    > %uname -a
    > FreeBSD localhost 4.5-STABLE FreeBSD 4.5-STABLE #1: Tue Mar 12 08:20:11 CET
    > 2002 root:/usr/src/sys/compile/OKO2 i386
    >
    > %cat syslog.c
    > #include <syslog.h>
    > #include <stdarg.h>
    >
    > int main(int argc, char *argv[])
    > {
    > syslog(LOG_EMERG, argv[1]);
    > }
    >
    > %./syslog "blah %x %x %x %x"
    >
    > Message from syslogdlocalhost at Mon Apr 29 23:27:35 2002 ...
    > localhost syslog: blah 2807aebe 2 bfbffc5c bfbffd26
    >
    >
    > Looks like we have a format string bug inside syslogd :)

    You're kidding right?

    Please read the syslog(3) manpage. 

    -- 
-Alfred Perlstein [alfredfreebsd.org]
'Instead of asking why a piece of software is using "1970s technology,"
 start asking why software is ignoring 30 years of accumulated wisdom.'
Tax deductible donations for FreeBSD: http://www.freebsdfoundation.org/

    To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message