Vulnerability Development mailing list archives
Re: possible su local D.o.S
From: "Robert Freeman" <freem100 () chapman edu>
Date: Wed, 12 Dec 2001 21:01:20 -0800
I think that it has nothing to do with su, rather malloc() limitations. That is to say that if you tried it with anything else, it probably would have the same effect. On my SuSE 7.2 install, it halts for a second and then exits out of the current shell. Robert ----- Original Message ----- From: "H VC" <overclocking_a_la_abuela () hotmail com> To: <vuln-dev () securityfocus com> Sent: Thursday, December 13, 2001 4:54 AM Subject: possible su local D.o.S
Hi, Dave Ahmad ( da () securityfocus com ) tell me to post this. On a default installation of RedHat 7.2 sh-utils-2.0.11-5 is installed. On
a
RH 7.1 sh-utils version is 2.0.13 ... ¿ Why this ? On my RH 7.2 I tried this : [hvc@condor hvc] $ su `perl -e 'print "A" x 100000000'` and my box got practically frozen. I'm on a K6-II 500 , 128 MB and 550 of swap. I have noticed that it only seems to work whe I parse a user string to su near the limit ( free mem. + swap ). Over this range is detected as a too many large string but also just over the available memory... Why su allows so large user names ? How long could be a unix/linux user name ? Why do not su limit the size of username to the unix/linux max. size of a user name ? Thanks. HVC Hugo Vázquez Caramés IT Security Services Winmat Barcelona Spain overclocking_a_la_abuela () hotmail com _________________________________________________________________ Descargue GRATUITAMENTE MSN Explorer en
http://explorer.yupimsn.com/intl.asp
---------------------------------------------------- Sign Up for NetZero Platinum Today Only $9.95 per month! http://my.netzero.net/s/signup?r=platinum&refcd=PT97
Current thread:
- possible su local D.o.S H VC (Dec 13)
- Re: possible su local D.o.S Flavio Veloso (Dec 13)
- Re: possible su local D.o.S Michal Zalewski (Dec 13)
- Re: possible su local D.o.S Jose Nazario (Dec 13)
- Re: possible su local D.o.S Blue Boar (Dec 13)
- Re: possible su local D.o.S Robert Freeman (Dec 13)
- Re: possible su local D.o.S Emre Yildirim (Dec 13)
- Re: possible su local D.o.S White Vampire (Dec 13)
- Re: possible su local D.o.S Ron DuFresne (Dec 13)
- <Possible follow-ups>
- Re: possible su local D.o.S Frank de Lange (Dec 13)