Joao Gouveia wrote:
>
> Hi,
>
> This issue has been discussed in vuln-dev (2001-01-26), see:
> http://www.securityfocus.com/templates/archive.pike?end=2001-01-27&tid=15872
> 4&fromthread=0&start=2001-01-21&threads=1&list=82&
>
> Posted also on suse security list, and aparently overlooked.
>
> The man package that ships with SuSe Linux ( at least versions 6.1 throught
> 7.0 ) has a format string vulnerability. Also debian 2.2r2 ( at least ), is
> confirmed to have the same problem.
>
> <quote>
> jroberto@spike:~ > man -l %x%x%x%x
> man: 4000bc7438049af00: No such file or directory
> </quote>
>
> Regards,
>
> Joao Gouveia
> ------------
> [EMAIL PROTECTED]
Hmm... What about this?
styx@SuxOS-devel:~$ man -l %n%n%n%n
man: Segmentation fault
styx@SuxOS-devel:~$
This was on my Debian 2.2 potato system (It doesn't dump core though).
--
StyX
[EMAIL PROTECTED]
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GCM/CS/CC/IT d?>d s:>s++:++ a? C++>C++++$ UL++++
P+>P+++++ L+++>L+++++ E--- W++>$ N++ w--- PS PE Y+
PGP>PGP+++ t+ 5 X+ R+ tv+ b+ D-- G++ e->e+++++ h-->h++ y?
------END GEEK CODE BLOCK------
