|
|
|
|
| |
"ktools main purpose is to provide various text-mode user interface controls without a need to write too much code."
Lack of proper length validation by the ktools product, allows attackers to cause the program to execute arbitrary code by overflowing an internal buffer. |
| |
Credit:
The information has been provided by Siegfried.
The original article can be found at: http://www.zone-h.org/en/advisories/read/id=8480/
|
| |
Vulnerable Systems:
* ktools version 0.3 and prior
The macro VGETSTRING in the header file of kkstrtext.h contain a buffer overflow for any string that is bigger then 1024 chars. The programs centericq, Orpheus, Motor and Groan use ktools and are therefore vulnerable to attack.
Vulnerable Code:
kkstrtext.h:
#define VGETSTRING(c, fmt) \
{ \
va_list vgs__ap; char vgs__buf[1024]; \
va_start(vgs__ap, fmt); \
vsprintf(vgs__buf, fmt, vgs__ap); c = vgs__buf; \
va_end(vgs__ap); \
}
|
|
|
|
|
