Full Disclosure mailing list archives

ipcs on HP-UX 11.0

From: bt () delfi lt
Date: Thu, 27 Mar 2003 20:55:29 GMT

 Hi!



 There is a buffer overflow in /usr/bin/ipcs on HP-UX 11.0 (other versions might be
vulnerable too).

 $ ls -al /usr/bin/ipcs
 -r-xr-sr-x   1 bin        sys          28672 Apr 23  1999 /usr/bin/ipcs

 $ /usr/bin/ipcs -C `perl -e 'print "A" x 2232'`
 Segmentation fault

All ipcs vulnerabilities I know about are on HP Tru64.
This system was patched with PHCO_18374 - the lastest patch for ipcs.
I just wondering if it was known before, and if it was - maybe someone has a working proof
of concept on this.

bt () delfi lt

--------------------------------------------------------------------
This message was sent using DELFI MailMan - http://mailman.delfi.lt/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

ipcs on HP-UX 11.0 bt (Mar 27)
- Re: ipcs on HP-UX 11.0 jon (Mar 28)
- <Possible follow-ups>
- RE: ipcs on HP-UX 11.0 Dawes, Rogan (ZA - Johannesburg) (Mar 28)
- RE: ipcs on HP-UX 11.0 Moraes, Fabio (Mar 28)