Re: [Fwd: Re: m4 and format strings]

From: Gary V.Vaughan (garyat_private)
Date: Thu Aug 09 2001 - 02:32:18 PDT

  • Next message: Mike Duncan: "Re: Winnt/Win2k Vuln ?"

    On Wednesday 27 June 2001 12:43 pm, KF wrote:
    > On Tue, Jun 26, KF wrote:
    > >?I noticed on NT my m4 binary had format strings issues...
    >
    > [cut cut]
    >
    > >?[elguapo@linux elguapo]$ m4 %x,%x,%x,%x,%x,%x,%x
    > >?m4: 0,bffff818,4000d2ce,805df78,8048c56,4002e0bc,4014af2c: No such file
    > >?or directory
    > >?
    > >?can anyone think of a situation where this could cause root
    > >?to be exploitated... m4 is not suid to my understanding.
    >
    > The m4 format string issue did come up a few months ago (either on
    > vuln-dev or bugtraq...). I think there was some discussion if it can be
    > exploited.
    
    I just applied the original patch from Andreas Schwab (which is identical to 
    yours!).
    
    Cheers,
    	Gary.
    -- 
      ())_. Gary V. Vaughan     gary@(oranda.demon.co.uk|gnu.org)
      ( '/  Research Scientist  http://www.oranda.demon.co.uk       ,_())____
      / )=  GNU Hacker          http://www.gnu.org/software/libtool  \'      `&
    `(_~)_  Tech' Author        http://sources.redhat.com/autobook   =`---d__/
    



    This archive was generated by hypermail 2b30 : Fri Aug 10 2001 - 11:18:02 PDT