Bugtraq mailing list archives
Re: xterm exploit as promised...
From: frantic () SCT FR (Anthony C. Zboralski)
Date: Wed, 28 May 1997 11:09:45 +0200
For Linux/Slackware-3.1

% uname -a
Linux xwing 2.0.0 #5 Fri Feb 21 13:01:20 PST 1997 i486
% /tmp/xx /usr/X11/bin/xload
Segmentation fault
% /tmp/xx /usr/X11/bin/xlock
Segmentation fault
% /tmp/xx /usr/X11/bin/xterm
Segmentation fault

Linux Slackware distribution from ftp.cdrom.com:/pub/linux/slackware

Regards,
Chris.

$ cat /etc/redhat-release
release 4.1 (Vanderbilt)
$ uname -a
Linux turing.imm.net 2.0.30 #3 Sat Apr 26 22:55:36 MET DST 1997 i686
$ find /usr/X11R6 -perm +6000 -exec ls -l {} \;
-rws--x--x 1 root root 144868 Feb 13 03:49 /usr/X11R6/bin/xterm
-rws--x--x 1 root root 159472 Nov 20 1996 /usr/X11R6/bin/kterm
-rwsr-xr-x 1 root bin 710284 Feb 19 07:54 /usr/X11R6/bin/Xmetro
-r-sr-xr-x 1 root root 10464 Dec 19 01:01 /usr/X11R6/bin/XConsole
-rwsr-xr-x 1 root root 53464 Jan 31 23:16 /usr/X11R6/bin/rxvt
-rwxr-sr-x 1 root uucp 98364 Nov 21 1996 /usr/X11R6/bin/seyon
-rwxr-sr-x 1 root daemon 181436 Nov 20 1996 /usr/X11R6/bin/xbill
-rws--x--x 1 root root 136504 Nov 20 1996 /usr/X11R6/bin/nxterm
-rwsr-xr-x 1 root bin 477408 Aug 16 1996 /usr/X11R6/lib/X11/AcceleratedX/arch/LINUX/Xaccel
$ ./testx /usr/X11R6/bin/xterm
Segmentation fault
$ ./testx /usr/X11R6/bin/kterm
^[[ASegmentation fault
$ ./testx /usr/X11R6/bin/XConsole
Segmentation fault
$ ./testx /usr/X11R6/bin/rxvt
rxvt: bad option "-xrm"
rxvt: bad option "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa$
[spam]
Usage v2.19: rxvt [-help] [-display displayname] [-geometry geom] [-/+rv] [-bg color] [-fg color] [-fn fontname] [-iconic] [-name string] [-title string] [-n string] [-cr color] [-/+ls] [-/+sb] [-sl number] [-/+ut] [-/+vb] [-C] [-e command arg ...]
$ ./testx /usr/X11R6/bin/seyon
Warning: Could not execute `seyon-emu.
Notice: Falling to `xterm'.
Error: Could not execute `xterm'.
Notice: Giving up.
$ ./testx /usr/X11R6/bin/xbill
Segmentation fault
$ ./testx /usr/X11R6/bin/nxterm
Segmentation fault

Maybe more people should apply the GNU coding standard, we'll have less buffer overflow problems.

Anthony

--
Anthony C. Zboralski ACZ3 <frantic () sct fr>
KeyID 1024/ED8D8A39
Key fingerprint = C5 27 9A 0C 56 30 10 F9 9D 54 EE DB 2C 14 2A 78

Current thread:
- xterm exploit as promised... David Hedley (May 27)
- <Possible follow-ups>
- Re: xterm exploit as promised... Chris Sheldon (May 27)
- Re: xterm exploit as promised... Anthony C. Zboralski (May 28)
- X11R6 resource manager buffer overflow.... David Hedley (May 28)
- interesting bug? in Irix 6.3 David Hedley (May 28)