Hello, > Due to the way requests are logged the only way to exploit this > vulnerability is through setting the DNS name of the fingering host to the > attacker supplied format string. I really wonder how you want to exploit this... Last time I checked all tested resolvers (Linux/BSD/Solaris) did not allow % within domain names and so your format string vulnerability is not exploitable at all... Stefan Esser
This archive was generated by hypermail 2b30 : Wed Dec 18 2002 - 16:46:30 PST