Bugtraq mailing list archives
ANNOUNCE: PScan, a simple security scanner.
From: aland () STRIKER OTTAWA ON CA (Alan DeKok)
Date: Fri, 7 Jul 2000 14:47:13 -0400
[ This should probably wait until Monday to be released ... ] I've written a simple GPL'd security scanner for the classic problems of printf-style functions, where a variable contains formatting characters. e.g.: variable = "%s"; /* or malicious user input */ sprintf(buffer, variable); /* BAD! */ The preferred solution would be to call sprintf in the following manner: sprintf(buffer, "%s", variable); /* Probably OK */ That's really all it does. But it does allow for user supplied per-application configuration files for problematic functions. The URL is: http://www.striker.ottawa.on.ca/~aland/pscan/ I've taken the liberty of scanning the latest wu-ftpd source, and posting the results on the web page. I've checked the result, and didn't see any obviously exploitable holes, but the wu-ftpd people may want to double-check that themselves. I took some care to minimize the number of false positives that the program produces, and to make the output and documentation clear. That should help to make it a useful program, which can be one more step in securing your programs. Alan DeKok.
Current thread:
- Re: More Detailed Info on the BitchX Format Bugs, (continued)
- Re: More Detailed Info on the BitchX Format Bugs RoboHak (Jul 09)
- opieftpd setproctitle() patches Kris Kennaway (Jul 10)
- Remote DoS Attack in WircSrv Irc Server v5.07s Vulnerability Ussr Labs (Jul 10)
- Security Update: Denial of Service against irc-BX Technical Support (Jul 07)
- Out of order SMTP DATA commands incorrectly allow pass-through mode in some firewall smtp filters/proxies Lincoln Yeoh (Jul 08)
- Re: ftpd and setproctitle() D. J. Bernstein (Jul 07)
- Re: ftpd and setproctitle() Bernd Luevelsmeyer (Jul 07)
- Re: ftpd and setproctitle() Firstname Lastname (Jul 10)
- BitchX update Vincent Danen (Jul 07)
- Re: ftpd and setproctitle() Pavel Kankovsky (Jul 08)
- Re: ftpd and setproctitle() Bernd Luevelsmeyer (Jul 07)
- ANNOUNCE: PScan, a simple security scanner. Alan DeKok (Jul 07)
- Re: ftpd and setproctitle() Roger Espel Llima (Jul 07)
- Re: ftpd and setproctitle() Adam McKenna (Jul 07)
- Security Update: symlink attack on makewhatis script possible Technical Support (Jul 07)
- Re: ftpd and setproctitle() Nic Bellamy (Jul 07)