[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Advisory: sudo 1.8 Format String Vulnerability

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] Advisory: sudo 1.8 Format String Vulnerability
From: nicolas vigier <boklm@xxxxxxxxxxxxxxxx>
Date: Mon, 30 Jan 2012 19:42:01 +0100

On Mon, 30 Jan 2012, Henri Salo wrote:

> On Mon, Jan 30, 2012 at 02:56:26PM +0100, joernchen of Phenoelit wrote:
> > Hi,
> > 
> > FYI, see attached.
> > 
> > cheers,
> > 
> > joernchen
> > -- 
> > joernchen ~ Phenoelit
> > <joernchen@xxxxxxxxxxxx> ~ C776 3F67 7B95 03BF 5344
> > http://www.phenoelit.de  ~ A46A 7199 8B7B 756A F5AC
> 
> This seems to be CVE-2012-0809 and reported to Gentoo as 
> https://bugs.gentoo.org/show_bug.cgi?id=401533

Fixed in Mageia 1 :
https://bugs.mageia.org/show_bug.cgi?id=4348

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] Advisory: sudo 1.8 Format String Vulnerability
  - From: joernchen of Phenoelit
- Re: [Full-disclosure] Advisory: sudo 1.8 Format String Vulnerability
  - From: Henri Salo

Prev by Date: [Full-disclosure] ZDI-12-020 : IBM SPSS VsVIEW6.ocx ActiveX Control Multiple Methods Remote Code Execution Vulnerability
Next by Date: [Full-disclosure] [SECURITY] [DSA 2398-1] curl security update
Previous by thread: Re: [Full-disclosure] Advisory: sudo 1.8 Format String Vulnerability
Next by thread: Re: [Full-disclosure] Advisory: sudo 1.8 Format String Vulnerability
Index(es):
- Date
- Thread