What is a Format String Exploit?
A format string vulnerability exist if a user can manipulate the format specification passed to a basic C function, such as printf, fprintf, or sprintf, a vulnerability exists. Format string vulnerabilities represent a significant threat for servers and commercial applications. Format string vulnerabilities can be used to locally or remotely execute arbitrary code on a system. The manufacturer’s patch for these vulnerabilities is available and can be downloaded on their Web site: http://sunsolve.sun.com/securitypatch Entercept’s(TM) Protection Entercept’s(TM) patented protection against buffer overflow and format string exploits prevents the execution of arbitrary code as a result of a buffer overflow or a format string attack. Entercept would prevent attack code from being executed as a result of a buffer overrun or format string condition due to these vulnerabilities, protecting the integrity of the server. Additionally, it is important to note that Entercept provides this protection
