Vulnerability Development mailing list archives

Re: Can anyone verify a core dump on /sbin/mingetty - FOLLOW UP - Getty also dumping core

From: Przemyslaw Frasunek <venglin () freebsd lublin pl>
Date: Mon, 3 Dec 2001 21:23:06 +0100

On Monday 03 December 2001 21:07, Scott Mackenzie wrote:

This problem is positive in the following systems:
* note there could and probably are more but I've only had word of the
following systems being tested


What's the point of this overflow? Getty isn't suid and init doesn't call it 
with user-controlable arguments. Mgetty on FreeBSD even isn't 
world-executable:

-rwx------  1 root  wheel  94732 18 Sty  2001 /usr/local/sbin/mgetty

-- 
* Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NIC-HDL: PMF9-RIPE *
* Inet: przemyslaw () frasunek com ** PGP: D48684904685DF43EA93AFA13BE170BF *

Current thread:

Re: core dump on mingetty and getty, (continued)
- - Re: core dump on mingetty and getty Sean Davis (Dec 03)
- Re: Can anyone verify a core dump on /sbin/mingetty Pedro Miller Rabinovitch (Dec 03)
  - Re: Can anyone verify a core dump on /sbin/mingetty Chip Mefford (Dec 03)
    - Re: Can anyone verify a core dump on /sbin/mingetty J.R. Blain (Dec 03)
    - Re: Can anyone verify a core dump on /sbin/mingetty KF (Dec 03)
- Re: Can anyone verify a core dump on /sbin/mingetty - FOLLOW UP - Getty also dumping core Scott Mackenzie (Dec 03)
  - Re: Can anyone verify a core dump on /sbin/mingetty - FOLLOW UP - Getty also dumping core Bill Weiss (Dec 03)
    - Re: Can anyone verify a core dump on /sbin/mingetty - FOLLOW UP - Getty also dumping - AGETTY too KF (Dec 03)
    - Re: Can anyone verify a core dump on /sbin/mingetty - FOLLOW UP - Getty also dumping core Jeffrey Denton (Dec 03)
    - Re: Can anyone verify a core dump on /sbin/mingetty - FOLLOW UP - Getty also dumping core Matias Sedalo (Dec 04)
  - Re: Can anyone verify a core dump on /sbin/mingetty - FOLLOW UP - Getty also dumping core Przemyslaw Frasunek (Dec 03)
- Re: Can anyone verify a core dump on /sbin/mingetty jon schatz (Dec 03)
  - Message not available
    - Re: Can anyone verify a core dump on /sbin/mingetty jon schatz (Dec 03)
- Re: Can anyone verify a core dump on /sbin/mingetty David Klann (Dec 03)
- RE: Can anyone verify a core dump on /sbin/mingetty Darian Lanx (Dec 03)
- Re: Can anyone verify a core dump on /sbin/mingetty dr john halewood (Dec 04)
- Re: Can anyone verify a core dump on /sbin/mingetty dvdman dvdman (Dec 03)
- Re: Can anyone verify a core dump on /sbin/mingetty Derry Hamilton (Dec 04)