Vulnerability Development mailing list archives

Re: core dump

From: ljb () OBSIDIAN CO ZA (Leon Breedt)
Date: Thu, 13 Jul 2000 14:55:10 +0200


mount ararat blossom (mount_ararat_blossom () HOTMAIL COM) spake thusly:

my question is that i am new into the topic of vulnerability development
world and i really wonder why unix like OS dumps core files and what is the
importance
of it.

A core dump is a memory image of an application. When the application performs
illegal memory accesses, it gets sent a SIGSEGV signal, aborts, and leaves a
core file in its working directory (if you have enabled this feature with
ulimit). This is useful for debugging a program, but can represent a security
hole if the program had any kind of cleartext passwords in memory at the time
the error occurred.

If a program does this, its usually a case of programmer error (off-by-one,
insufficient error checking, non-robust code).

Regards,

Leon.

--
< Leon Breedt                   : ljb () debian org           >
< Developer, Obsidian Systems   : http://obsidian.co.za    >

Current thread:

CASL & IP Options Gabe Kostolny (Jul 11)
- Re: CASL & IP Options Pedro Quintanilha (Jul 12)
- eEye Digital Security ports nmap to Windows NT Marc (Jul 13)
- Nokia 7110 Wap Browser Hole Aidan O'Kelly (Jul 13)
- core dump mount ararat blossom (Jul 13)
  - Re: core dump Leon Breedt (Jul 13)
  - Re: core dump Kev (Jul 13)
  - Re: core dump Tymm Twillman (Jul 13)
  - Re: core dump Bluefish (Jul 14)
  - Denials of Service Attacks J. Oquendo (Jul 16)
    - Re: Denials of Service Attacks Adam Muntner (Jul 18)
  - Re: core dump Javier Abdul Córdoba Gándara (Jul 17)
  - IIS anonymous user - who? Chris Erasmus (Jul 17)
    - Re: IIS anonymous user - who? Bill Pennington (Jul 18)
  - [Paper] Format bugs. Pascal Bouchareine (Jul 18)
  - IE Script Vul. Frank Town (Jul 18)