[28319] in bugtraq
Re: PFinger 0.7.8 format string vulnerability (#NISR16122002B)
daemon@ATHENA.MIT.EDU (Andreas Tscharner)
Fri Dec 27 10:06:46 2002
Date: Thu, 26 Dec 2002 23:07:48 +0100
From: Andreas Tscharner <starfire@dplanet.ch>
To: bugtraq@securityfocus.com,
Baumer Michael Guenther Carolus <baumi@vis.ethz.ch>
Message-Id: <20021226230748.2dab3bca.starfire@dplanet.ch>
In-Reply-To: <002001c2a53d$07a90260$2601010a@ngssoftware.com>
Mime-Version: 1.0
Content-Type: multipart/signed; protocol="application/pgp-signature";
micalg="pgp-sha1"; boundary="=.jbO'a0rc6s)nRL"
--=.jbO'a0rc6s)nRL
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
On Mon, 16 Dec 2002 19:55:05 -0000
"NGSSoftware Insight Security Research" <nisr@nextgenss.com> wrote:
> NGSSoftware Insight Security Research Advisory
>
> Name: PFinger Format String vulnerability
> Systems: PFinger version 0.7.8 and earlier
> Severity: High Risk
> Vendor URL: http://www.xelia.ch/unix/pfinger/
> Author: David Litchfield (david@ngssoftware.com)
> Advisory URL: http://www.ngssoftware.com/advisories/pfinger.txt
> Date: 16th December 2002
> Advisory number: #NISR16122002B
For those who haven't noticed:
The author has fixed the bug and released a new version 0.7.9
Best regards
Andreas
--
Andreas Tscharner starfire@dplanet.ch
----------------------------------------------------------------------
"Programming today is a race between software engineers striving to
build bigger and better idiot-proof programs, and the Universe trying
to produce bigger and better idiots. So far, the Universe is winning."
-- Rich Cook
--=.jbO'a0rc6s)nRL
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE+C33Id6icl+PTsS8RAvhQAJ4hgYMF+cg69RaQ0eD+K6qZwVRktACgnqLZ
kYFmHgqapAMAYdlhATb2yzQ=
=xWNd
-----END PGP SIGNATURE-----
--=.jbO'a0rc6s)nRL--
