Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B)

• Previous message: Martin Schulze: "[SECURITY] [DSA 217-1] New typespeed packages fix buffer overflow"
• In reply to: NGSSoftware Insight Security Research: "[VulnWatch] PFinger 0.7.8 format string vulnerability (#NISR16122002B)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 16 Dec 2002 19:55:05 -0000
"NGSSoftware Insight Security Research" <nisrat_private> wrote:

> NGSSoftware Insight Security Research Advisory
> 
> Name: PFinger Format String vulnerability
> Systems: PFinger version 0.7.8 and earlier
> Severity: High Risk
> Vendor URL: http://www.xelia.ch/unix/pfinger/
> Author: David Litchfield (davidat_private)
> Advisory URL: http://www.ngssoftware.com/advisories/pfinger.txt
> Date: 16th December 2002
> Advisory number: #NISR16122002B

For those who haven't noticed:
The author has fixed the bug and released a new version 0.7.9

Best regards
	Andreas
-- 
Andreas Tscharner                                  starfireat_private
----------------------------------------------------------------------
"Programming today is a race between software engineers striving to
build bigger and better idiot-proof programs, and the Universe trying
to produce bigger and better idiots. So far, the Universe is winning."
                                                          -- Rich Cook 

• application/pgp-signature attachment: stored

• Next message: Scott Howard: "Re: Solaris priocntl exploit - Sol8 patches available"
• Previous message: Martin Schulze: "[SECURITY] [DSA 217-1] New typespeed packages fix buffer overflow"
• In reply to: NGSSoftware Insight Security Research: "[VulnWatch] PFinger 0.7.8 format string vulnerability (#NISR16122002B)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Dec 27 2002 - 09:53:51 PST