);
log_message(log_msg,'e');
goto error;
}
buf += cmd_len;
So putting something like %n%n%n in 'buf' you can trigger the vulnerability.
--
Name: Vashnukad
e-mail: [EMAIL PROTECTED]
Site: http://www.vashnukad.com
I, like most people, come to full disclosure for all the best in
political theory, but while I'm here I have a minor question... what
does this entire thread have to do with full disc?
c5b360dfa8508ae34fa999b98536aa50
--
Name: Vashnukad
e-mail: [EMAIL PROTECTED]
Site: http://www.vashnukad.com
I have not yet notified the vendors.
--
Name: Vashnukad
e-mail: [EMAIL PROTECTED]
Site: http://www.vashnukad.com
On 3/5/08, David Judais [EMAIL PROTECTED] wrote:
Why isn't there a patch?
From: [EMAIL PROTECTED]
Site: http://www.vashnukad.com
Application: Linux Kiss Server v1.2
);
log_message(log_msg,'e');
goto error;
}
buf += cmd_len;
So putting something like %n%n%n in 'buf' you can trigger the vulnerability.
--
Name: Vashnukad
E-mail: [EMAIL PROTECTED]
Site: http://www.vashnukad.com