Bugtraq mailing list archives

Re: Digital Unix 4.0 exploitable buffer overflows


From: assembly () MIS03 MINDINFO COM (FrontLine Assembly)
Date: Thu, 28 Jan 1999 13:41:17 -0800


On Wed, 27 Jan 1999, GANG WANG wrote:

> % /usr/bin/mh/inc +foo -audit `perl -e 'print "a" x 8167'` foo
> Word too long.
> % /usr/bin/mh/inc +foo -audit `perl -e 'print "a" x 2040'` foo
> inc: usage: inc [+folder] [switches]
> % /usr/bin/mh/inc +foo -audit `perl -e 'print "a" x 2048'` foo
> Word too long.
> Seems this inc bug has been fixed already.

This bug is present in Digital UNIX 4.0A also.

OSF1 fubar V4.0 464 alpha
Digital UNIX V4.0A  (Rev. 464); Mon Dec 21 00:51:53 CST 1998
lazy> /usr/bin/mh/inc +foo -audit `perl -e 'print "a" x 8181'` foo
inst fault=opdec pid=30125 <inc> pc=0x120000064 ps=0x8 inst=0x1
Illegal instruction



.-----------------------------------------------------------------.
| FrontLine Assembly |  " You Are Only Alive Because Someone Has  |
|                    |___.  Decided To Let You Live " - KMFDM     |
| assembly () leviathan org | URL: http://www.leviathan.org/         |
`-----------------------' `---------------------------------------'

Type Bits/KeyID    Date       User ID
pub  2048/19490121 1997/07/14 FrontLine Assembly



