Synopsis: ftpd setproctitle vulnerability NetBSD versions: All Thanks to: Itojun Reported in NetBSD Security Advisory: SA2000-009 --- libexec/ftpd/ftpd.c 2000/05/11 10:14:37 1.61.2.2 +++ libexec/ftpd/ftpd.c 2000/07/08 18:58:10 1.61.2.3 @@ -712,7 +712,7 @@ "%s: anonymous/%.*s", remotehost, (int) (sizeof(proctitle) - sizeof(remotehost) - sizeof(": anonymous/")), passwd); - setproctitle(proctitle); + setproctitle("%s", proctitle); #endif /* HASSETPROCTITLE */ if (logging) syslog(LOG_INFO, "ANONYMOUS FTP LOGIN FROM %s, %s", @@ -722,7 +722,7 @@ #ifdef HASSETPROCTITLE snprintf(proctitle, sizeof(proctitle), "%s: %s", remotehost, pw->pw_name); - setproctitle(proctitle); + setproctitle("%s", proctitle); #endif /* HASSETPROCTITLE */ if (logging) syslog(LOG_INFO, "FTP LOGIN FROM %s as %s", @@ -1507,7 +1507,7 @@ remotehost[sizeof(remotehost) - 1] = '\0'; #ifdef HASSETPROCTITLE snprintf(proctitle, sizeof(proctitle), "%s: connected", remotehost); - setproctitle(proctitle); + setproctitle("%s", proctitle); #endif /* HASSETPROCTITLE */ if (logging)