Slackware 7.1 :
tshaw:~$ ls -l /usr/bin/Mail
-rwxr-xr-x 1 root bin 75996 Jun 9 2000 /usr/bin/Mail*
tshaw:~$
tshaw:~$ Mail
Mail version 8.1 6/6/93. Type ? for help.
& t 0x2240
0: Invalid message number
& t 0 x 2240
0: Invalid message number
&
On Thu, 1 Mar 2001, K2 wrote:
> SosPiro wrote:
> >
> > I found a buffer oveflow in /usr/bin/Mail,it's suid by default on my
> > Slakware 7.00 K2.2.13
> > This is the problem:
> >
> > SunsetZer0:#Mail
> > Mail version 8.1 6/6/93. Type ? for help
> > "/var/spool/mail/root": 2 messages 2 unread
> > >U 1 root Thu Sep 15 02:23 33/1257
> > "hole in /usr/bin/Mail"
> > U 2 sospiro Sat Oct 9 18:19 126/6192
> > "Owned!Owned!"
> > & t 0 x 2240
> > 0:Invalid message number
> > "Source" stack over-pop
> > Segmentation Fault
> >
> > sospiro
> >
> > "ALl We WaNt is T0 bE HapPy"
> > ---------------------------------
>
>
> You sure that isnt sGid?
>
> snow:~# ls -l /usr/bin/Mail
> -rwx--s--x 1 root mail 75968 Aug 19 1999 /usr/bin/Mail*
>
> That's on my slackware box.
> --
> K2
>
Received on Mar 02 2001
Intro
