I seems that US-Cert has issued a 'High Vulnerability' warning regarding FreeBSD. This is the URL:
http://www.us-cert.gov/cas/bulletins/SB08-091.html
A snippet of the warning:
Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and 7.x,
and probably other BSD and Apple Mac OS platforms allow
context-dependent attackers to execute arbitrary code via large values
of certain integer fields in the format argument to (1) the strfmon
function in lib/libc/stdlib/strfmon.c, related to the GET_NUMBER macro;
and (2) the printf function, related to left_prec and right_prec.
--
Gerard
[EMAIL PROTECTED]
Sleep -- the most beautiful experience in life -- except drink.
W.C. Fields
signature.asc
Description: PGP signature
