Vulnerability Development mailing list archives
Re: chsh Segfault on FreeBSD 3.3
From: wilder () HQ ALERT SK (Pavol Luptak)
Date: Sat, 20 May 2000 15:40:09 +0200
On Fri, May 19, 2000 at 01:57:45PM +0200, Fabio Pietrosanti wrote:
Hi, playing with some suid files on my FreeBSD 3.3 (FreeBSD bsd01.nonexist.it 3.3-RELEASE FreeBSD 3.3-RELEASE #0: Thu Jan 1 01:49:51 CET 1998 root@:/usr/src/sys/compile/MATRICE i386 ) i notice thaht chsh return me a Segmentation fault . where you run chsh it start the $EDITOR and give you a tmp file with : #Changing user database information for fabio. Shell: /usr/local/bin/bash Full Name: Fabio Pietrosanti Office Location: Office Phone: Home Phone: Other information: if i delete a line on with information is null( Office Phone or Office Location in this example) chsh magically crash.
I found this bug 5 months ago, I attach document, where this problem was exactly described. Look for Brock Tellier and Michal Zalewski reactions in exploit-development mail archives. Regards, Pavol Luptak -- _______________________________________________________________________ [wilder () hq alert sk] [http://hq.alert.sk/~wilder] [talker: ttt.sk 5678] <HR NOSHADE> <UL> <LI>text/plain attachment: ole_ </UL> <HR NOSHADE> <UL> <LI>application/pgp-signature attachment: stored </UL>
Current thread:
- Re: String checking with PHP, (continued)
- Re: String checking with PHP Arturo Busleiman (May 24)
- Why not a changeling? Daniel Petzen (May 20)
- Re: Why not a changeling? Bluefish (May 20)
- Re: Why not a changeling? Daniel Petzen (May 20)
- Netscape forms using standard windows controls No User (May 21)
- Re: Netscape forms using standard windows controls Derek Reynolds (May 21)
- Re: Netscape forms using standard windows controls Pavel Kankovsky (May 22)
- Re: Netscape forms using standard windows controls Chon-Chon Tang (May 22)
- Re: Why not a changeling? Bluefish (May 21)
- TopLayer layer 7 switch Advisory User nawk (May 20)
- Re: chsh Segfault on FreeBSD 3.3 Pavol Luptak (May 20)
- Re: UPDATE on possible new "e-mail virus" concept ? Jim Paris (May 19)
- Re: UPDATE on possible new "e-mail virus" concept ? Jon Williams (May 20)
- Windows IP Fragment Reassembly Vulnerability Masial (May 20)
- Re: Windows IP Fragment Reassembly Vulnerability Mikael Olsson (May 21)
- Re: Outlook HTML VBS (demo) Michael Hendy (May 21)
- Re: Outlook HTML VBS (demo) Masial (May 22)
- Re: Windows IP Fragment Reassembly Vulnerability Blue Boar (May 21)