oss-sec mailing list archives

Re: Nagios format string issues

From: Oden Eriksson <oeriksson () mandriva com>
Date: Wed, 6 Oct 2010 12:25:10 +0200

tisdagen den 5 oktober 2010 20.21.02 skrev  Florian Weimer:

Nagios Core 3.2.3 inclues fixes for a few format string bugs:

<http://article.gmane.org/gmane.network.nagios.announce/85>

The patch Guillaume submitted is here:

<http://article.gmane.org/gmane.network.nagios.devel/7493>

Does anybody know if this is on an exploitable code path?


We have a whole bunch of similar patches in Mandriva, just fetch the cooker 
source rpm packages and do something like:

rpm -qlp *.src,rpm | grep format

It would be a major task to push that to the upstream projects.

Just checked the ones I fixed (in 2008/2009):

$ rpm -qlp /SRPMS/contrib/release/*.rpm /SRPMS/main/release/*.rpm | grep 
format_not_a_string_literal_and_no_format_arguments | wc -l
106

So, at least 106 new CVE assignments there.


Cheers.

-- 
Regards // Oden Eriksson
Security team manager - Mandriva
CEO NUX AB

Current thread:

Nagios format string issues Florian Weimer (Oct 05)
- Re: Nagios format string issues Oden Eriksson (Oct 06)
- <Possible follow-ups>
- Re: Nagios format string issues Josh Bressers (Oct 06)
  - Re: Nagios format string issues Steven M. Christey (Oct 06)
  - Re: Nagios format string issues Oden Eriksson (Oct 06)
    - Re: Nagios format string issues Tomas Hoger (Oct 07)
    - Re: Nagios format string issues Oden Eriksson (Oct 12)