Vulnerability Development mailing list archives
Re: Buffer overflow in procmail [suid!]
From: Michal Zalewski <lcamtuf () DIONE IDS PL>
Date: Thu, 10 Aug 2000 17:23:23 +0200
On Thu, 10 Aug 2000, Tobias von Koch wrote:
Procmail recognizes that the line is a bit too long. alright. But if you try something bigger than 2053... $ /usr/bin/procmail x=`perl -e "print 1x2054"` <Ctrl>-D Segmentation fault You can get root privileges (with some code) now....
No, you can't. If you feel you can, them prove it. We spend some time investigating this issue already (right before receiving your post, what a coincidence :). _______________________________________________________ Michal Zalewski [lcamtuf () tpi pl] [tp.internet/security] [http://lcamtuf.na.export.pl] <=--=> bash$ :(){ :|:&};: =-----=> God is real, unless declared integer. <=-----=
Current thread:
- Buffer overflow in procmail [suid!] Tobias von Koch (Aug 10)
- Re: Buffer overflow in procmail [suid!] Aaron Campbell (Aug 10)
- Re: Buffer overflow in procmail [suid!] Adam Prato (Aug 10)
- Re: Buffer overflow in procmail [suid!] rpc (Aug 10)
- Re: Buffer overflow in procmail [suid!] HD Moore (Aug 14)
- Re: Buffer overflow in procmail [suid!] Michal Zalewski (Aug 14)
- Re: Buffer overflow in procmail [suid!] Michal Zalewski (Aug 10)
- Re: Buffer overflow in procmail [suid!] Martin MOKREJŠ (Aug 14)
- Re: Buffer overflow in procmail [suid!] Aaron Campbell (Aug 10)