[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Re: [SECURITY] [DSA 1024-1] New clamav packages fix several vulnerabilities

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] Re: [SECURITY] [DSA 1024-1] New clamav packages fix several vulnerabilities
From: "Ulf Harnhammar" <metaur@xxxxxxxxxxxxx>
Date: Fri, 07 Apr 2006 21:01:32 +0100

> Debian Security Advisory DSA 1024-1 security@xxxxxxxxxx
> Package : clamav

> CVE-2006-1615 
>     Format string vulnerabilities in the logging code have been discovered, 
>     which might lead to the execution of arbitrary code.

Is this about the strange looking syslog calls in shared/output.c? I have found 
them
too (boast boast), and I believe that they are no vulnerabilities at all, as the
offending data will always pass through this construct:

while((pt = strchr(vbuff, '%')))
    *pt = '_';

(For the non-programmers out there, it changes all instances of "%" in vbuff to 
"_".)

// Ulf Harnhammar



-- 
_______________________________________________
Surf the Web in a faster, safer and easier way:
Download Opera 8 at http://www.opera.com

Powered by Outblaze

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/