Hi, > syslog (syslog_priority, "%s", message); I've commited this to CVS. > I can't figure out whether this is exploitable. That would depend on > what kinds of messages an attacker could get passed g_log. Unfortunately, access point essids are passed to the logging functions in quite a few places. So if a user tries to connect to an access point with a bad essid, Network Manager may crash or worse.
--Ray Strode _______________________________________________ NetworkManager-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/networkmanager-list
