OpenBSD Information for VU#369427
Format string vulnerability in libutil pw_error(3) function
- Vendor Information Help Date Notified: 23 Oct 2000
- Statement Date:
- Date Updated: 17 Nov 2000
From the OpenBSD Security Advisory:
"This vulnerability affects OpenBSD versions through 2.7. FreeBSD 4.0 is vulnerable, but patches have been backported, and FreeBSD versions 4.1 and
4.1.1 are safe. Bill Sommerfield committed a fix to NetBSD today shortly after we notified him of the problem.
OpenBSD users running -current (2.8-beta) with a system dated July 1st or thereafter are safe."
The vendor has not provided us with any further information regarding this vulnerability.
OpenBSD has provided a patch for this vulnerability at: