Ticket #3143 (closed defect: duplicate)

Opened 10 years ago

Last modified 10 years ago

format string vulnerability code in VFS

Reported by: ossi Owned by:
Priority: critical Milestone:
Component: mc-vfs Version: master
Keywords: Cc:
Blocked By: Blocking:
Branch state: no branch Votes for changeset:

Description

as reported in january 2010 (!) by Janek Kozicki (https://mail.gnome.org/archives/mc-devel/2010-January/msg00040.html), the (sh) VFS code is susceptible to printf format string attacks. while messing up the display with %f is pretty harmless, %n has been used to create exploits before. this makes the VFS unsuitable for browsing any untrusted data, which includes directories of other users on otherwise completely trusted machines.

Change History

comment:1 Changed 10 years ago by andrew_b

  • Status changed from new to closed
  • Resolution set to duplicate
  • Milestone Future Releases deleted

Closed as duplicate of #2983.

Note: See TracTickets for help on using tickets.