Bugtraq mailing list archives
Re: $HOME buffer overflow in SunOS 5.8 x86
From: SChoe <schoe () CheapTickets COM>
Date: Tue, 5 Jun 2001 14:56:49 -1000 (HST)
Solaris/sparc appears not to be vulnerable.
Solaris 2.6/2.7 SPARC are also susceptable to /usr/bin/mail buffer overflow. Here are the minimum buffer's usable to produce segmentation faults. <---------------------snip---------------------> SunOS <hostname> 5.6 Generic_105181-23 sun4u sparc bash-2.04$ export HOME=`perl -e 'print "A"x1293'` bash-2.04$ mail a ^C mail: Cannot create dead.letter mail: ERROR signal 11 mail: Cannot create dead.letter mail: ERROR signal 11 mail: Cannot create dead.letter mail: ERROR signal 11 (........) Segmentation Fault bash-2.04$ <---------------------snap---------------------> <---------------------snip---------------------> SunOS <hostname> 5.7 Generic_106541-12 sun4u sparc SUNW,Ultra-4 bash-2.04$ export HOME=`perl -e 'print "A"x1099'` bash-2.04$ mail a ^C mail: ERROR signal 10 mail: ERROR signal 10 mail: ERROR signal 10 mail: ERROR signal 10 (........) Segmentation Fault bash-2.04$ <---------------------snap---------------------> +--------------------------------------------------+ | Sung J. Choe / UNIX Admin / www.CheapTickets.com | | | | Ph: 808/945.7439 Fax: 808/946.5993 | :--------------------------------------------------+
Current thread:
- $HOME buffer overflow in SunOS 5.8 x86 Georgi Guninski (Jun 04)
- Re: $HOME buffer overflow in SunOS 5.8 x86 Juergen P. Meier (Jun 05)
- Re: $HOME buffer overflow in SunOS 5.8 x86 Gunnar Wolf (Jun 05)
- Re: $HOME buffer overflow in SunOS 5.8 x86 Tohru Watanabe (Jun 05)
- Re: $HOME buffer overflow in SunOS 5.8 x86 Patrick Finch (Jun 05)
- Re: $HOME buffer overflow in SunOS 5.8 x86 Kris Kennaway (Jun 08)
- Re: $HOME buffer overflow in SunOS 5.8 x86 Gunnar Wolf (Jun 05)
- <Possible follow-ups>
- Re: $HOME buffer overflow in SunOS 5.8 x86 SChoe (Jun 05)
- Re: $HOME buffer overflow in SunOS 5.8 x86 Nicolas Dubee (Jun 05)
- Re: $HOME buffer overflow in SunOS 5.8 x86 Juergen P. Meier (Jun 05)