Heya lists & 3APA3A, 3APA3A a écrit : > Dear [email protected], > > There is interesting thing with event logging on Windows. The only > security aspect of it is event log record tampering and performance > degradation, but it may become sensitive is some 3rd party software is > used for automated event log analysis. > > The problem is a kind of "Format string" vulnerability where > user-supplied input is used for event log record. For ReportEvent() > function %1, %2, etc have a special meaning and are replaced with > corresponding string from lpStrings. It looks more like a variable replacement (like $0 $1 ... in bash shell) than a format string issue to me. And it seems indeed to be a relevant information disclosure bug.
Cheers, endrazine- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
