[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Advisory: sudo 1.8 Format String Vulnerability

To: joernchen of Phenoelit <joernchen@xxxxxxxxxxxx>
Subject: Re: [Full-disclosure] Advisory: sudo 1.8 Format String Vulnerability
From: Henri Salo <henri@xxxxxxx>
Date: Mon, 30 Jan 2012 20:01:36 +0200

On Mon, Jan 30, 2012 at 02:56:26PM +0100, joernchen of Phenoelit wrote:
> Hi,
> 
> FYI, see attached.
> 
> cheers,
> 
> joernchen
> -- 
> joernchen ~ Phenoelit
> <joernchen@xxxxxxxxxxxx> ~ C776 3F67 7B95 03BF 5344
> http://www.phenoelit.de  ~ A46A 7199 8B7B 756A F5AC

This seems to be CVE-2012-0809 and reported to Gentoo as 
https://bugs.gentoo.org/show_bug.cgi?id=401533

- Henri Salo

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Advisory: sudo 1.8 Format String Vulnerability
  - From: nicolas vigier

References:
- [Full-disclosure] Advisory: sudo 1.8 Format String Vulnerability
  - From: joernchen of Phenoelit

Prev by Date: [Full-disclosure] ZDI-12-019 : IBM SPSS mraboutb.dll ActiveX Control SetLicenseInfoEx Method Remote Code Execution Vulnerability
Next by Date: [Full-disclosure] ZDI-12-020 : IBM SPSS VsVIEW6.ocx ActiveX Control Multiple Methods Remote Code Execution Vulnerability
Previous by thread: Re: [Full-disclosure] Advisory: sudo 1.8 Format String Vulnerability
Next by thread: Re: [Full-disclosure] Advisory: sudo 1.8 Format String Vulnerability
Index(es):
- Date
- Thread