Bugtraq mailing list archives

Re: BUG in /bin/bash

From: earle.ake () hcst com (Earle Ake)
Date: Thu, 22 Aug 1996 21:26:14 -0400


According to Red Barchetta:


Their test string "bash -c 'ls\377who'" gave this output on my Solaris 2.5
system:

        bash: ls377who: command not found

Can anyone verify that this is really a problem?


        Yes, it is!  Here is a simple perl script to create the test file
and the file itself in uuencode format.


#!/usr/bin/perl
open(OUT, ">bash.test");
printf OUT ("#!/bin/sh\nbash -c 'ls\377who'\n");
close(OUT);

begin 600 bash.test
;(R$O8FEN+W-H"F)A<V@@+6,@)VQS_W=H;R<*
`
end


-Earle
--
Earle Ake               System Analyst                  Earle.Ake () HCST com
Hassler Communication Systems Technology, Inc.  <URL:http://www.hcst.com/>
2332 Grange Hall Road; Beavercreek, Ohio 45431-2345
Phone: +1 513-427-9000  FAX: +1 513-427-8706

Current thread:

BUG in /bin/bash Seven Up (Aug 22)
- <Possible follow-ups>
- Re: BUG in /bin/bash Red Barchetta (Aug 22)
  - Re: BUG in /bin/bash The Ghost who Admins (Aug 22)
  - Re: BUG in /bin/bash Digital Dreamer (Aug 22)
  - Re: BUG in /bin/bash Earle Ake (Aug 22)
  - IE 3.0? InterAccess Support Manager (Aug 22)
    - Re: IE 3.0? Dave Andersen (Aug 23)
    - More on the UnixWare problem Todd Vierling (Aug 23)
    - resolv+ and finger... C. Hodges (Aug 23)
    - Vulnerability in the Xt library Aleph One (Aug 24)
    - Re: Vulnerability in the Xt library Stefan `Sec` Zehl (Aug 25)
    - Re: Vulnerability in the Xt library Mike Neuman (Aug 27)
    - Re: Vulnerability in the Xt library Casper Dik (Aug 28)
    - Re: Vulnerability in the Xt library Mike Neuman (Aug 28)
    - RFD: libsuid VaX#n8 (Aug 24)

(Thread continues...)