Re: m4 and format strings

From: KF (dotslashat_private)
Date: Wed Jun 27 2001 - 04:45:40 PDT

Next message: Aigars Grins: "Re: Getting passwords from the heap?"

Previous message: Vladimir Kraljevic: "RE: Getting passwords from the heap?"
In reply to: Robert van der Meulen: "Re: m4 and format strings"
Next in thread: Matt Zimmerman: "Re: m4 and format strings"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

GNU m4 is maintained by Reni Seindal. 
Checking his changelog from 
http://www.seindal.dk/rene/gnu/changelog.htm
I didn't see any changes since 2000-01-16 so someone may wish to pass
the 
patch on to the author if it was not provided by him. 

Here is at least three of the threads with the format issues if anyone
was 
interested in the possible exploitation of this issue. 

http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Fthreads%3D0%26list%3D1%26end%3D2001-06-30%26tid%3D161424%26start%3D2001-06-24%26

http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Ftid%3D165006%26start%3D2001-06-24%26threads%3D0%26list%3D82%26end%3D2001-06-30%26

This is the thread which spawned from the man issue. 
http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26tid%3D160449%26end%3D2001-06-30%26threads%3D0%26start%3D2001-06-24%26

-KF

Next message: Aigars Grins: "Re: Getting passwords from the heap?"
Previous message: Vladimir Kraljevic: "RE: Getting passwords from the heap?"
In reply to: Robert van der Meulen: "Re: m4 and format strings"
Next in thread: Matt Zimmerman: "Re: m4 and format strings"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Jun 27 2001 - 19:33:19 PDT