Bugtraq mailing list archives
Re: [ Hackerslab bug_paper ] Linux dump buffer overflow
From: hdm () SECUREAUSTIN COM (H D Moore)
Date: Tue, 29 Feb 2000 20:57:41 -0600
Hi, Confirmed this on SuSE 6.2. The magic number of bytes is 347. Dump is not su/gid so this seems to be more of an annoyance than a security issue for SuSE boxen (not sure of others). -HD "±è¿ëÁØ KimYongJun (99Á¹¾÷)" wrote:
[ Hackerslab bug_paper ] Linux dump buffer overflow File : /sbin/dump SYSTEM : Linux INFO : The problem occurs when it gets the argument. It accepts the argument without checking out its length, and this causes the problem. It seems that this vulnerability also applies to RedHat Linux 6.2beta, the latest version. [loveyou@loveyou SOURCES]$ dump -f a `perl -e 'print "x" x 556'` DUMP: Date of this level 0 dump: Mon Feb 28 14:45:01 2000 DUMP: Date of last level dump: the epoch DUMP: Dumping xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx to a xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx: ÆÄÀÏ À̸§ÀÌ ³Ê¹« ±é´Ï´Ù while opening filesystem DUMP: SIGSEGV: ABORTING! Segmentation fault [loveyou@loveyou SOURCES]$ dump -f a `perl -e 'print "loveyou" x 556'` DUMP: SIGSEGV: ABORTING! Segmentation fault <= occur ctime4()
Current thread:
- Re: [ Hackerslab bug_paper ] Linux dump buffer overflow Brett Lymn (Feb 29)
- Re: [ Hackerslab bug_paper ] Linux dump buffer overflow Joe Shaw (Mar 01)
- <Possible follow-ups>
- Re: [ Hackerslab bug_paper ] Linux dump buffer overflow H D Moore (Feb 29)
- Re: [ Hackerslab bug_paper ] Linux dump buffer overflow Derek Callaway (Mar 01)
- Foundry Networks ServerIron sequence predictability fix soon to be available Andrew van der Stock (Mar 01)
- Re: [ Hackerslab bug_paper ] Linux dump buffer overflow Przemyslaw Frasunek (Mar 01)
- Re: [ Hackerslab bug_paper ] Linux dump buffer overflow Ronald Huizer (Mar 04)
- OpenLinux 2.3: rpm_query harikiri (Mar 04)
- Re: [ Hackerslab bug_paper ] Linux dump buffer overflow Eugene Teo (Mar 02)
- Re: [ Hackerslab bug_paper ] Linux dump buffer overflow Derek Callaway (Mar 02)
- Re: [ Hackerslab bug_paper ] Linux dump buffer overflow Przemyslaw Frasunek (Mar 03)
- Potential security problem with mtr Viktor Fougstedt (Mar 03)
- Re: Potential security problem with mtr LaMont Jones (Mar 03)
- Re: [ Hackerslab bug_paper ] Linux dump buffer overflow Derek Callaway (Mar 02)
(Thread continues...)