> I found a possible format string vulnerability in the source code of chmod chgrp
>
> when "you" did printf (fmt, file, groupname);
> or
> printf (fmt, file, mode & 07777, &perms[1]);
>
> i can't simulate the explotation but.. it is possible.
> to patch it i had put it via sprintf into a buffer..
>
> plis reply this email ?
>
> Tanks for your attention
>
> Victor Pereira - Security Analist
>
> Modulo Security Solutions (www.modulo.com.br)
Perhaps you could be more specific. I see no vulnerability there.
Bob
_______________________________________________
Bug-fileutils mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/bug-fileutils
