Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: /usr/bin/Mail buffer 0verfl0w

From: "Nasko ." <compnetsecurity () HOTMAIL COM>
Date: Sat, 3 Mar 2001 17:31:48 +0200
[striker@ibm:~] mail
Mail version 8.1 6/6/93.  Type ? for help.
"/var/spool/mail/striker": 1 message 1 unread

U  1 striker@ibm.localnet  Fri Mar  2 19:35  14/382   "Test"

& t
00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000...
...
00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
0: Invalid message number
"Source" stack over-pop.
Segmentation fault
[striker@ibm:~]

total of 2300 zeros crashes slack

[striker@ibm:~] ls -l `whereis Mail`
lrwxrwxrwx   1 root     root           13 Nov 18 11:33 /bin/Mail ->
/usr/bin/Mail
-rwxr-xr-x   1 root     bin         75996 Jun  9  2000 /usr/bin/Mail
[striker@ibm:~] uname -a
Linux ibm 2.2.16 #4 Tue Feb 20 16:18:26 CST 2001 i586 unknown
[striker@ibm:~]

Nasko
_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
Previous By Date Next
Previous By Thread Next

Current thread: