Vulnerability Development mailing list archives
Re: some things to play with
From: vlad () SANDY RU (Vladimir Dubrovin)
Date: Fri, 14 Jul 2000 13:08:01 +0400
Hello Firstname Lastname, 13.07.00 13:39, you wrote: some things to play with; F> enemy:~# cat 2b.c F> #include <unistd.h> F> int main(int argc, char **argv) { F> if (argc < 2) F> exit(-1); F> execvp(argv[1], &argv[2]); F> } F> null pointer crashes in str(r)chr(), basename, ... F> weird behaviour in some other privileged programs (argc = 0)... F> enemy:~# ./2b /usr/bin/gpasswd It's just a buggy code of 2b.c. It must be: int main(int argc, char **argv) { if (argc < 3) exit(-1); execvp(argv[1], &argv[2]); } F> Segmentation fault (core dumped) Vladimir Dubrovin Sandy, ISP Sandy CCd chief Customers Care dept http://www.sandy.ru Nizhny Novgorod, Russia http://www.security.nnov.ru
Current thread:
- Re: BitchX /ignore bug, (continued)
- Re: BitchX /ignore bug Ron DuFresne (Jul 07)
- Re: BitchX /ignore bug Juan M. Courcoul (Jul 07)
- remote exploit Jim Stickley (Jul 07)
- Re: remote exploit Bluefish (Jul 08)
- Re: remote exploit Gerardo Richarte (Jul 10)
- Re: BitchX /ignore bug Matthew S. Hallacy (Jul 06)
- Updated Default Account Database Eric Knight (Jul 06)
- Re: Updated Default Account Database Jesus D. Muz@oz Largo (Jul 12)
- Re: Updated Default Account Database Nathan Einwechter (Jul 12)
- some things to play with Firstname Lastname (Jul 13)
- Re: some things to play with Vladimir Dubrovin (Jul 14)
- Re: some things to play with Firstname Lastname (Jul 14)
- Re: some things to play with Vladimir Dubrovin (Jul 17)
- Red Hat Linux 6.2 - VIM 5.6 Paulo Ribeiro (Jul 12)
- Re: BitchX /ignore bug Jeremy Gaddis (Jul 06)
- (NT) When exploit CGI's that allow viewing of files... Marc (Jul 06)
- Re: (NT) When exploit CGI's that allow viewing of files... Blue Boar (Jul 06)