Vulnerability Development mailing list archives

Re: /usr/bin/ddate buffer overflow

From: "enthh () FLASH NET" <enthh () FLASH NET>
Date: Sat, 10 Feb 2001 17:31:48 -0500

no, although out of boredom, heres an exploit

----- Original Message -----
From: "Blue Boar" <BlueBoar () THIEVCO COM>
To: <VULN-DEV () SECURITYFOCUS COM>
Sent: 10 February, 2001 3:17 PM
Subject: Re: /usr/bin/ddate buffer overflow

Are any of these setuid?

BB

SosPiro wrote:


I found a buffer overflow in /usr/bin/ddate (version unknown) "converts
Gregorian dates to Discordian dates.."
I tested it on my Linux Box (RedHat 6.2)
Look at this:

#ddate +AAAA...x 408
Segmentation Fault (core dumped)

sospiro

Attachment: ddate.c
Description:

Current thread:

/usr/bin/ddate buffer overflow SosPiro (Feb 10)
- Re: /usr/bin/ddate buffer overflow Blue Boar (Feb 10)
  - Re: /usr/bin/ddate buffer overflow enthh () FLASH NET (Feb 10)
    - ftp.exe buffer overflow ? cyber_hunter (Feb 10)
    - Re: ftp.exe buffer overflow ? Riley Hassell (Feb 10)
    - Re: ftp.exe buffer overflow ? Mike Duncan (Feb 11)
    - Re: ftp.exe buffer overflow ? Egemen Tas (Feb 11)
    - Re: ftp.exe buffer overflow ? Perry Harrington (Feb 11)
    - Re: ftp.exe buffer overflow ? Michal Zalewski (Feb 11)
    - Re: ftp.exe buffer overflow ? Riley Hassell (Feb 15)
    - Re: ftp.exe buffer overflow ? Michal Zalewski (Feb 15)
    - Re: ftp.exe buffer overflow ? Benjamin Branch (Feb 15)
    - Re: ftp.exe buffer overflow ? Bob Monkier (Feb 15)

(Thread continues...)