Re: Format String Vulnerability in Tripwire

From: Ron Forrester (rjf_at_tripwire.com)
Date: 06/04/04

  • Next message: Lupe Christoph: "Re: Netgear WG602 Accesspoint vulnerability" 
    Date: 4 Jun 2004 17:51:12 -0000
To: bugtraq@securityfocus.com
    ('binary' encoding is not supported, stored as-is) In-Reply-To: <20040603215236.7815.qmail@www.securityfocus.com>

    One more quick note -- I think I had a brain freeze and gave Paul the wrong commerical version numbers. This vulnerability exists in all currently shipping TFS releases, which means <= 4.0.1.

    Sorry I didn't catch this the first time.

    Ron Forrester
    Security Architect
    Tripwire, Inc.

    >>VERSIONS AFFECTED
    >>-----------------
    >>Tripwire commercial versions <= 2.4
    >>Tripwire open source versions <= 2.3.1
    >

  • Next message: Lupe Christoph: "Re: Netgear WG602 Accesspoint vulnerability"

    Relevant Pages

    • Re: Email attachments that cant be opened or dont arrive
      ... > Why would it work this way and not the first time? ... Check to see if the encoding is different for each case. ... systems so it is hard to identify a specific cause related to a particular software, operating system, etc. ... do the attachment procedure and the attachment shows as a line below the subject line and then click "Send." ...
      (microsoft.public.windows.inetexplorer.ie6_outlookexpress)
    • Re: newbe Memory leak
      ... >> Is there a reason that all your replies show the OP in what ... >> appears to be UNICODE or some other encoding or is it just Agent ... Well it certainly wouldn't be the first time that MS decided not ...
      (microsoft.public.vb.general.discussion)
    • Re: what does "serialization" mean?
      ... the first one is pure UTF16. ... I didn't notice that the first time around. ... > character declaration line? ... > with no mention of encoding anywhere there. ...
      (comp.programming)