Re: [SECURITY] [DSA 1024-1] New clamav packages fix several vulnerabilities

To: full-disclosure@lists.grok.org.uk
Cc: debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA 1024-1] New clamav packages fix several vulnerabilities
From: "Ulf Harnhammar" <metaur@operamail.com>
Date: Fri, 07 Apr 2006 21:01:32 +0100
Message-id: <[🔎] 20060407200132.C46DC43C37@ws5-1.us4.outblaze.com>

> Debian Security Advisory DSA 1024-1 security@debian.org
> Package : clamav

> CVE-2006-1615 
>     Format string vulnerabilities in the logging code have been discovered, 
>     which might lead to the execution of arbitrary code.

Is this about the strange looking syslog calls in shared/output.c? I have found them
too (boast boast), and I believe that they are no vulnerabilities at all, as the
offending data will always pass through this construct:

while((pt = strchr(vbuff, '%')))
    *pt = '_';

(For the non-programmers out there, it changes all instances of "%" in vbuff to "_".)

// Ulf Harnhammar



-- 
_______________________________________________
Surf the Web in a faster, safer and easier way:
Download Opera 8 at http://www.opera.com

Powered by Outblaze

Reply to:

Follow-Ups:
- Re: [SECURITY] [DSA 1024-1] New clamav packages fix several vulnerabilities
  - From: Stephen Gran <sgran@debian.org>

Prev by Date: Re: [SECURITY] [DSA 1018-2] New Linux kernel 2.4.27 packages fix several vulnerabilities
Next by Date: Re: [SECURITY] [DSA 1024-1] New clamav packages fix several vulnerabilities
Previous by thread: Re: [SECURITY] [DSA 1018-2] New Linux kernel 2.4.27 packages fix several vulnerabilities
Next by thread: Re: [SECURITY] [DSA 1024-1] New clamav packages fix several vulnerabilities
Index(es):
- Date
- Thread