|
Vulnerability Development
mailing list archives
Re: procmail heap overflow
From: Artur Byszko / bikero <bikero () security hack pl>
Date: Thu, 20 Jun 2002 21:27:39 +0200
W Wed, Jun 19, 2002 at 04:00:12PM -0700, Peter Mueller wrote:
Looks like 4.6-PRERELEASE is ok.
uname -a
FreeBSD xxx.yyy.com 4.6-PRERELEASE FreeBSD 4.6-PRERELEASE #2: Sun May 5
22:57:25 PDT 2002 root () localhost:/usr/obj/usr/src/sys/xxx i386
/usr/local/bin/procmail `perl -e '{print "A"x10240}'`=A
Word too long.
But in 4.6-STABLE:
bikero () phreak:~$ uname -a
FreeBSD phreak.uni.cc 4.6-STABLE FreeBSD 4.6-STABLE #1: Wed Jun 19 10:47:52
CEST 2002 bikero () phreak uni cc:/usr/obj/usr/src/sys/bikero-security i386
bikero () phreak:~$ /usr/local/bin/procmail `perl -e '{print "A"x10240}'`=A
^Cprocmail: Terminating prematurely
Segmentation fault (core dumped)
regards,
--
* \x41\x72\x74\x75\x72\x20\x42\x79\x73\x7a\x6b\x6f *
* \x62\x69\x6b\x65\x72\x6f\x40\x45\x46\x4e\x45\x54 *
Attachment:
_bin
Description:
 By Date 
By Thread
Current thread:
- RE: procmail heap overflow, (continued)
| 
Intro
