On Wed, Jan 31, 2001 at 02:22:01PM -0000, Joao Gouveia wrote: : The man package that ships with SuSe Linux ( at least versions 6.1 throught : 7.0 ) has a format string vulnerability. Also debian 2.2r2 ( at least ), is : confirmed to have the same problem. : : <quote> : jroberto@spike:~ > man -l %x%x%x%x : man: 4000bc7438049af00: No such file or directory : </quote> The same problem in most (all?) distributions is with m4 - GNU macro processor code, when trying use -G option: mezon@beata:~$ m4 -G %x%x%x%x m4: 40012a48380491e00: No such file or directory -- Tomasz Kuzniar <[EMAIL PROTECTED]> * Polska Platforma Internetowa * ~ ~ ~ "Wyjsc na ludzi - Go out on people"
- SuSe / Debian man package format string vulnerabilit... Joao Gouveia
- Re: SuSe / Debian man package format string vul... Roman Drahtmueller
- m4 format string vulnerability [was: Re: SuSe /... Tomasz Kuźniar
- m4 format string vulnerability [was: Re: Su... Mike Gerber
- Re: m4 format string vulnerability [was... Ivo van Poorten
- Re: m4 format string vulnerability Jarno Huuskonen
- Re: SuSe / Debian man package format string vul... StyX
- Re: SuSe / Debian man package format string... Martin Schulze
- Re: SuSe / Debian man package format st... Jose Nazario
- Re: SuSe / Debian man package forma... Nate Eldredge
- Re: SuSe / Debian man package format st... Robert Bihlmeyer
- Re: SuSe / Debian man package format string... Robert van der Meulen
- Re: SuSe / Debian man package format st... Valdis Kletnieks