Ubuntu
dpkg package

  1. Bug #1389135
  2. Comment #1

Comment 1 for bug 1389135

Revision history for this message
Joshua Rogers (megamansec) wrote :

Yeah, just double checked and it does seem to be a format string vulnerability.

# cat DEBIAN/control
Package: backup
Architecture: %s
Description: script
0 0j 11:13:14 (root@limehost) /var/tmp/ok # ~/srcs/dpkg/dpkg-1.16.1.2ubuntu7.5/dpkg-deb/dpkg-deb --build ./
Segmentation fault