Vulnerability Development mailing list archives
Re: Buffer overflow in awk
From: "Pavel Kankovsky" <peak () argo troja mff cuni cz>
Date: Sun, 17 Mar 2002 15:48:43 +0100 (MET)
On Fri, 15 Mar 2002, Kurt Seifried wrote:
> So you are willing to guarantee to us that this awk bug will never be exploitable by an attacker in any circumstance? Cool. Oh wait, that's totally bogus.

No. I can guarantee that a person who can pass arbitrary values to awk's -f option controls the account running such an instance of (GNU) awk without having to resort to the buffer overflow being discussed. Just try those two commands:

    echo 'BEGIN {system("command of your choice")}' > /tmp/blah
    awk -f /tmp/blah

Or this single command:

    echo 'BEGIN {system("command of your choice")}' | awk -f /dev/stdin

Of course, the buffer overflow is a bug and it should be fixed. But it is not a real security hole because -f's parameter is a trusted input channel.

--Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."
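
Because the -f argument is a trusted input channel, a caller has to vet that path the way it would vet any code it is about to execute. The following is an added example, not part of the original post or of GNU awk: a POSIX shell wrapper (the function names `awk_program_trusted` and `run_trusted_awk` are hypothetical) that refuses program files that are symlinks, non-regular files such as /dev/stdin, not owned by the invoking user, or writable (directly or via their directory) by group or others.

```shell
#!/bin/sh
# Added example: treat the value given to "awk -f" as code, not as data.
# Function names are hypothetical; nothing here is part of awk itself.

# awk_program_trusted PATH
# Returns 0 only when PATH is safe to hand to "awk -f" under this policy.
awk_program_trusted() {
    prog=$1
    [ -n "$prog" ] || return 1
    # Anchor relative names so a leading "-" is never parsed as an option.
    case $prog in /*) ;; *) prog=./$prog ;; esac
    [ -L "$prog" ] && return 1   # symlink: the target can be swapped
    [ -f "$prog" ] || return 1   # rejects devices, FIFOs, directories
    [ -O "$prog" ] || return 1   # must be owned by our effective uid
    dir=$(dirname "$prog")
    # find prints any of the two paths that is group- or other-writable;
    # a find failure fails closed.
    loose=$(find "$prog" "$dir" -prune \( -perm -020 -o -perm -002 \) -print 2>/dev/null) || return 1
    [ -z "$loose" ]
}

# run_trusted_awk PROGFILE [awk arguments...]
# Runs awk only when PROGFILE passes the policy; returns 126 otherwise.
run_trusted_awk() {
    if ! awk_program_trusted "$1"; then
        echo "refusing untrusted awk program: $1" >&2
        return 126
    fi
    prog_file=$1
    shift
    awk -f "$prog_file" "$@"
}
```

Under this policy the post's /tmp/blah case is rejected because /tmp is world-writable, and /dev/stdin is rejected because it is not a regular file.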