Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

Re: /usr/bin/Mail buffer 0verfl0w
From: Enrique Maglietta <emagliet () UNCOMA EDU AR>
Date: Thu, 1 Mar 2001 13:12:01 -0300
El miƩ, 28 feb 2001, escribiste:

I found a buffer oveflow in /usr/bin/Mail,it's suid by default on my
Slakware 7.00  K2.2.13
This is the problem:

SunsetZer0:#Mail
Mail version 8.1 6/6/93.      Type ? for help
"/var/spool/mail/root":           2  messages  2  unread

U  1  root                                   Thu Sep  15  02:23    33/1257

"hole in /usr/bin/Mail"
  U  2  sospiro                               Sat Oct    9  18:19  126/6192
"Owned!Owned!"
& t  0 x 2240
0:Invalid   message  number
"Source"  stack  over-pop
Segmentation Fault



I'm test on a SuSE 7.0 , and there is no problem

& t 0x2240
0: Invalid message number
& t 0 x 2240
0: Invalid message number
&

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]