Exploit in strings
2014-10-26 18:48:55.716173+00 by Dan Lyke 0 comments
Really? Don't run "strings" on untrusted files. Apparently at some point some yahoo had the brilliant idea to make the "strings" utility try to understand the structure of files, rather than just looking for strings. Bugs in "libfd" allows for arbitrary code execution from well crafted files.
"strings -a" does what "strings" should do, so is safe.