Potentially insecure format string handling in PAM support

Damien Miller djm at mindrot.org
Sat Jul 8 10:14:34 EST 2000

On Fri, 7 Jul 2000, Aaron Hopkins wrote:

> With the recent remote root Wu-ftpd exploit based upon incorrect
> format string handling (processing user-supplied data as format
> strings), I've taken to scanning any code with elevated permissions
> for similar problems.
> I found one in the portable version of OpenSSH.  Its only outputting
> messages passed back by PAM, I think, so I don't think its
> exploitable.  But the format string processing isn't needed here, so
> it should be painless to remove.

Thanks - applied.


| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.mindrot.org/
| Email: djm at mindrot.org (home) -or- djm at ibs.com.au (work)

More information about the openssh-unix-dev mailing list