Vigil@nce - libproxy: invalid format string
December 2012 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker who controls a configuration file used by libproxy can
make it use a malicious format string, in order to execute some
code.
– Impacted products: Unix (platform)
– Severity: 2/4
– Creation date: 29/11/2012
DESCRIPTION OF THE VULNERABILITY
The libproxy library is used to encapsulate details of proxy
configuration in proxy clients programs.
In soma cases, the parsed configuration is displayed with the help
of formating routines of the standard C library, in the routine
print_proxies(). However, the configuraiton file content is
directly used as a format string for printf(), which allows the
attacker to inject code.
An attacker who controls a configuration file used by libproxy can
therefore make it use a malicious format string, in order to
execute some code.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/libproxy-invalid-format-string-12190