Beefy Boxes and Bandwidth Generously Provided by pair Networks Bob
"be consistent"
 
PerlMonks  

Re: Searching for sprintf() bug exploit opportunities in core and CPAN modules

by thor (Priest)
on Dec 02, 2005 at 12:35 UTC ( #513576=note: print w/ replies, xml ) Need Help??


in reply to Searching for sprintf() bug exploit opportunities in core and CPAN modules

Alright...time for me to admit my ineptitude. Whenever I see stuff like this, I can usually follow only for a little bit. In this case, I followed the link to the advisory and understand that if you put a length specifier larger than MAX_INT in a format string, something bad happens. After that, though, I get a bit lost in their use of gdb to "demonstrate" the bug. Is there some way to dumb it down for a guy like me without providing something for script kiddies?

thor

The only easy day was yesterday


Comment on Re: Searching for sprintf() bug exploit opportunities in core and CPAN modules
Re^2: Searching for sprintf() bug exploit opportunities in core and CPAN modules
by creamygoodness (Curate) on Dec 02, 2005 at 17:49 UTC
Re^2: Searching for sprintf() bug exploit opportunities in core and CPAN modules
by diotalevi (Canon) on Dec 02, 2005 at 20:02 UTC

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://513576]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others studying the Monastery: (8)
As of 2014-04-21 12:18 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    April first is:







    Results (495 votes), past polls