Vulnerability Development: Re: TCSH problems?

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

Re: TCSH problems?

From: "Nasko Oskov" <compnetsecurity () hotmail com>
Date: Wed, 06 Jun 2001 18:34:14 +0300

        After some ktracing, and code auditing by myself and a colleague,
we believe the problem *may* infact be in libc's setenv() and getenv()
functions.  We were able to duplicate the bug on various platforms, mostly
causing signal 6s and dumping cores.  Feedback would be appreciated


> > setenv HOME `perl -e 'print "/" x 10000'`

                                        ^ Length varies from 1024-10000
for effectiveness on diffrent OSes.


nasko () digital:~$ tcsh

setenv HOME `perl -e 'print "/" x 10000'`

Aborted
nasko () digital:~$ uname -a
Linux digital 2.2.19 #2 SMP Sat Jun 2 12:23:40 AKDT 2001 i686 unknown
nasko () digital:~$

Platform: Slack current

Nasko
_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

By Date By Thread

Current thread:

Re: TCSH problems? Nasko Oskov (Jun 06)
- <Possible follow-ups>
- RE: TCSH problems? Yonatan Bokovza (Jun 06)