Home page logo
/

bugtraq logo Bugtraq mailing list archives

Buffer overflow in sperl5.003
From: jtmurphy () CRAY1 ECST CSUCHICO EDU (Murphy)
Date: Thu, 17 Apr 1997 14:11:09 -0700


  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.
  Send mail to mime () docserver cac washington edu for more info.

---242971389-615984271-861311469=:24662
Content-Type: TEXT/PLAIN; charset=US-ASCII


 Its came to my attention that there is a buffer overflow bug in
sperl5.003 that will allow local users gain root access, if SUID root.
 The exploit and bug was made and brought to my attention by Willy Tarreau
(tarreau () aemiaif ibp fr).
 Attached is the source for the exploit. Since it requires some work to
be done to the compiled exploit (Stripping of 5 byte at the begining and
end of the binary), the precompiled Linux x86 exploit can be found at
http://www.ecst.csuchico.edu/~jtmurphy/localusers.html.

PS. Have a nice a day.

--
----------------------------------------------------------------------------
Jason T. Murphy |  Finger for PGP Public Key  | jtmurphy () ecst csuchico edu
  The Linux Security Home Page -> http://www.ecst.csuchico.edu/~jtmurphy
Security buff, Linux Freak, PC Tech @ Chico State, and all around nice guy.

---242971389-615984271-861311469=:24662
Content-Type: APPLICATION/octet-stream; name="sperlexp.tgz"
Content-Transfer-Encoding: BASE64
Content-ID: <Pine.LNX.3.96.970417141109.24662B () cray1 ecst csuchico edu>
Content-Description:

H4sIAFcBVTMAA+1a3W7bRhb2rWf3IY6VdCW5FEXq17Wboq5joNk2sRHL6AZt
kY7IkTQIf7TDoSyi6GKBvepF36WPsBd7tcA+xD7G3u05Q0p2ksJuCltG0PkS
WyJneOZwZr7znUMzmwsVtbfuFNDzhkMftgBgOOybT7/XM58VPIBBt9PveF7f
G2Cr7/e7W9C/W7dK5JnmCmALfyvB82v6CZVtwqHNIjPrr1XBo8g1B7c/hu95
w/416z/sDsr194eDbh/3gt8ddAZb4N2+K2/jd77+D3baY5m0dZDN2APQMwHZ
TEQRJDwWIDOYyoVIYFxAXQSzFFoJuK5bB56EEOPUwViAWPJARwUMIZhxlcFM
KOGgsVRBkeZ1NDbjCwE6hTgN5aQoR9E8eAVjngmYYEc6Vf/y+LAOMsm0ygMt
0wS/UwOaytJcBdhDLEXg8r1B3cWTL9IcAp5AkM4LaOeZMnciQxqpreO5cVLl
iTmg82Ra8NCF0YzrOt5bmlLn1GXm3mqn6MDZMTw+gWcnIzjHr6PPn5zB6ASO
nh8efQGHcPbibHT81IHPzkfw5/OzEbWNjvHzxcn587NvduhfjWVCw4JH8AgD
2dBjFzMZCWg8pFMfg9/pec1ywJEqZDIFamBr/w0H+67ndeE7t63m2rQfBFyD
uXvsc7Bainp5xax+4LZFNgeMn9+xT2nsDz9kIgnZzetf8v/58eHjp8d3tceQ
/4OBdw3/O70V/4fdYQdbO37Xt/zfBI5mAnmIPFUw53pmyFhtwSXCgXweco2h
QFdshCxQEnflVckgpjFimtQu0ZI4nwgRAgcKLERIatUzDCjl5S6cmOhgCFxe
CTFPcjRZuOwkgbiADixwyjEOZA6sWeEbVl+SxKEriRi5FhmOp9JUVyGMa4b8
67qMjdBtwbNCYMC64MVr/uB/PMxkPMcQpos5RpmYvxJ1F55QjDiN8mnrWes0
wsv2W03GHqdJHa2kShXAx2muzaTUMjGNRaK5iVsTnke6RgGwNiHum2CKgQai
NJnWIBZZxqcic8kxtKKwR6piDA+ZTDDMXcZHdE6JCyW1xiC8w9hXEucHRuVW
Zazas59yEUsuJ64cz92J+hWsv0TJ/6d4x+Tp3ewx4n/vGv73r+h/x+8T/4de
1/J/E0DC7QNpBynNSmDYtvtaSshYEAme7LNtFUNrsu6/66aw+zcUYCUYe2CA
ujxCocf9tLbmvJkGIPf2AXi2N4DWeN0NVuKOJojjyILyUqRAnC5KWvRhIhWy
mDr0IeKUgRTE/AuJwYsD2uFITBFKjexrjAVfNNHeE5irdCHDiltlNkF5islK
yFkaJ09CXGNNtmfpBQUWpPkrpCnd1TvCMPWdmHg/KPmPC+oGdzbGDfzvdHqX
/B/2u8T/Tqdv+b8JtHdvDW3W3gU44lGQR5QyXMrYPJWJFooS03yV76O0ISen
iscunBnZQ76FqchIXqEytiAyYxZQYLERYHKi0hjSRKyuJPbyJMWBFCX3a36T
3JocwDHHlTEldK4SzEpKNyjzwOoF1zVcRQ9TEPAgyBUPCioTBKDAz1HjKVFI
sMfasyrQTEi3MeFIcSD8xFuozAZpgim7SPAnvOomFjeU81eojGFnzWVCDRwn
S5kkIp3g+VC48BVXpmlnx3hUer++GarCzJStjJkoy5OCDEidQa+KkFSVoCOe
Q3kJxTaMUOQp+lvHWoG6l85h6rM2tqqx5pT/lLOkpguTMeVjjdOEobjySKdX
CzuBMyOoeiTPK2PSOJDpECfVfdeAukZl7Hbw24yVadgvG7tFOrEHyIsox139
MU6aTN3ZJ4xllGMGuBsjiUSYClzaeaMJ3zOAly95Fr982cAMM11E8AG2OB8I
voRa84D9wFiMewwaSEVaxMAx5Trs7tKKlgYoPUUVzOSUdhZefoAnqX8oAh49
8uiQzkygQRY+8ZtVC9eppFOLr/1vm1UvvPzRyr2W6UYNE8pmReNP5FvP8Z1y
NzSvbfrhPdDR9xWl/mMyd3/67/e6w3X93xl4Rv+79vnfRnCLAWt3F0mMEnWp
7KuyGkvLKINVrVw+UkzyeIx6iKpj5MmFzwoMJqZyNqpNtqiFpNdb9nxo1A/r
TbiYSUwEsOJQGCbSJMxQzhLSMMowIjg6PSeNqWHgBBEsa1TFk6UgzaOwlMax
oAeaQlNCgl1xXeHZySk0vOVHXtOBsfESB6XoiPpGqYXJSf6aY3QiW3MUSc3H
ERUS5rlIhuW7Ng8YjL6JSAQmFUjXD0xoSPP4AC8/TIoLXjhQe/LsCI6P/lJb
Zz2YSdBwVH+sTqETybTMaigZqGfoOd6FxArGIWPkwYSShmrCx4onwUxkq4c1
sQxDdBRnmfITZ5WgmKcfpP/UB8XfJVvst+kgu80dhKL3i6pH0nWdclGTrISH
8suGfEOT5IFslfOPC5hrMtCgbdU8AMAMoNovJOGoXEupG97vQ3iq+q8qve9m
jJue//hDbxX/+/2eef7T92z83wi2MVWkne9gOGXbS6QOJowO/rDteZ7NwHyL
BAcxXjpfY6fW8Fu2zUOTHjp+52q38tsYvxmjIdoJqgMeOb7Ptomm3nLPY9v3
fd8WJa7wH0vauxnjJv5D9fefbr8zMLHA79i//24IP/7X/+fpT988/N8//vXH
07Mf//3zH/7z9/v2yWJzeO39j6lIhJK3Xgje9P5Hf9i78v5Pj1p9r2P5vwlc
ff/j8r2Fj/befm3BW7220Erg+enIvJYA++zh7q95T4HewLjmPYUrb0y8PXSn
t5mhcZg3h+7t3eXQ9732FhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYW
FhYWFhYWFhYW7yf+D4S0HUYAUAAA
---242971389-615984271-861311469=:24662--



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]