Vulnerability Development mailing list archives
RE: xmalloc buffer overflow?
From: Gonzalez Albert <albert.gonzalez () siemens com>
Date: Fri, 9 Nov 2001 14:05:55 -0500
Did you su to the nobody user from the root account? -----Original Message----- From: Robert Freeman [mailto:freem100 () chapman edu] Sent: Thursday, November 09, 2000 7:52 AM To: vuln-dev () security-focus com Subject: xmalloc buffer overflow? Can anybody else verify these results? It doesn't matter what `perl -e 'print "." x 90000000'` is appended to, I just chose vi (the vi buffer overflow being my inspiration). Please use the exploit responsibly; also if it is redundant, I apologize. # uname -a Linux linux 2.4.4-4GB #1 Fri May 18 14:11:12 GMT 2001 i686 unknown [I know about the clock...] # id uid=500(nobody) gid=100(users) groups=100(users) # vi `perl -e 'print "." x 90000000'` bash: xmalloc: cannot allocate 90000001 bytes (0 bytes allocated) # id uid=0(root) gid=0(root) groups=0(root),1(bin),14(uucp),15(shadow),16(dialout),17(audio),65534(nogrou p) Robert Freeman ---------------------------------------------------- Sign Up for NetZero Platinum Today Only $9.95 per month! http://my.netzero.net/s/signup?r=platinum&refcd=PT97
Current thread:
- RE: xmalloc buffer overflow? Gonzalez Albert (Nov 09)
- Re: xmalloc buffer overflow? Robert Freeman (Nov 10)