Full Disclosure mailing list archives
Re: ipcs on HP-UX 11.0
From: jon () terrasecurity co uk
Date: Fri, 28 Mar 2003 10:53:38 +0000
I found a vulnerability with ipcs a while back (January 2002), but on a different platform. Details:
% uname -a Digital UNIX V4.0F (Rev. 1229) ; OSF1 V4.0 1229 alpha % ls -l /usr/bin/ipcs -rws--x--x 1 root bin 32768 Jun 3 1999 /usr/bin/ipcs % /usr/bin/ipcs -N `perl -e "print 'A' x 314"` Segmentation fault There was also an overflow with the -K option if I remember correctly.I reported this problem to Compaq, the vulnerability was confirmed, and the bug was assigned a tracking number. Since then I have not been able to get any information from Compaq on this issue.
Can anyone confirm this on a later version? Jon bt () delfi lt wrote:
Hi! There is a buffer overflow in /usr/bin/ipcs on HP-UX 11.0 (other versions might be vulnerable too). $ ls -al /usr/bin/ipcs -r-xr-sr-x 1 bin sys 28672 Apr 23 1999 /usr/bin/ipcs $ /usr/bin/ipcs -C `perl -e 'print "A" x 2232'` Segmentation fault All ipcs vulnerabilities I know about are on HP Tru64. This system was patched with PHCO_18374 - the lastest patch for ipcs. I just wondering if it was known before, and if it was - maybe someone has a working proof of concept on this. bt () delfi lt
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- ipcs on HP-UX 11.0 bt (Mar 27)
- Re: ipcs on HP-UX 11.0 jon (Mar 28)
- <Possible follow-ups>
- RE: ipcs on HP-UX 11.0 Dawes, Rogan (ZA - Johannesburg) (Mar 28)
- RE: ipcs on HP-UX 11.0 Moraes, Fabio (Mar 28)