oss-sec mailing list archives
Flightgear remote format string
From: Andrés Gómez Ramírez <andresgomezram7 () gmail com>
Date: Tue, 30 Apr 2013 11:11:26 -0500
Hi, Introduction: FlightGear is an open-source flight simulator. It supports a variety of popular platforms (Windows, Mac, Linux, etc.) and is developed by skilled volunteers from around the world. Source code for the entire project is available and licensed under the GNU General Public License. Bug: Flightgear allows remote control through Property tree. It is vulnerable to remote format string vulnerability when some special parameters related with clouds are changed. This could allow to crash the application or potentially execute arbitrary code under certain conditions. Fix: No fix. References: http://kuronosec.blogspot.com/2013/04/flightgear-remote-format-string.html
Current thread:
- Flightgear remote format string Andrés Gómez Ramírez (Apr 30)
- Re: Flightgear remote format string Kurt Seifried (Apr 30)
- Re: Flightgear remote format string Andrés Gómez Ramírez (May 01)
- Re: Flightgear remote format string Kurt Seifried (May 01)
- Re: Flightgear remote format string Andrés Gómez Ramírez (May 02)
- RE: Flightgear remote format string Christey, Steven M. (May 02)
- Re: Flightgear remote format string Andrés Gómez Ramírez (May 02)
- Re: Flightgear remote format string Andrés Gómez Ramírez (May 01)
- Re: Flightgear remote format string Kurt Seifried (Apr 30)