Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Overflows in minicom

From: 11108496 () LIS ULUSIADA PT (Tiago F P Rodrigues)
Date: Sat, 9 May 1998 21:48:55 +0200

 I apologise if this is old, though i haven´t found any message on this
issue on bugtraq in the last few months.

 It seems minicom(distributed with slak3.4) have some overflow
vulnerabilities, namely in the '-p' switch and when you pick a config
file on the arguments. (a strcpy and a sprintf)

 you may test it with:
  $ minicom -p/dev/ttyp`perl -e ´print "A" x 2500´`
    (Some garbage)
    Segmentation fault

 An examination under gdb shows saved EIP=0x414141
 If this is new, I may post an exploit if prompted to.

-----------------------------------------------------------------------------
"There are awfull penalties for crimes against the gods"
                                        - Irish Murdoch
Tiago F. P. Rodrigues   (BlindPoet)
Universidade Lusiada ´98 - PORTUGAL
-----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: