Yes I have many references :D first reference: my knowledge about formatstring vulns in general. Putting an unsanitized string into a formatting function can be triggerd to execute arbitrary code or reveal memory information which subverts Ubuntus VA. Here you can read a good tutorial about it: http://doc.bughunter.net/format-string/exploit-fs.html . second reference: the secunia advisorie telling that it is vulnerable http://secunia.com/advisories/26550/ third reference: the sylpheed author telling that it is vulnerable http://sylpheed.sraoss.jp/en/news.html fourth reference: the codechange by the author in 2.4.5 (which was just a securityfix release) in inc.c, sanitizing the input into alertpanel_error by changing the corresponding code into: alertpanel_error("%s", err_msg);
But now I'm a bit afraid: what did you patch in claws because there the error was exaclty the same and you seem not to recognize it or have a clue about? Are you sure you patched the right code? -- Sylpheed POP3 Format String Vulnerability https://bugs.launchpad.net/bugs/136302 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
