Vulnerability Development mailing list archives

Re: uugetty mgetty also...

From: Rodrigo Barbosa <rodrigob () bh conectiva com br>
Date: Wed, 5 Dec 2001 13:36:59 -0200

Conectiva Linux does not ship with agetty.


On Tue, Dec 04, 2001 at 03:55:00PM -0500, KF wrote:

How about the agetty? I have seen one other agetty core dump in the 
list I think... a slack 7.1 box. Most people reported an error with 
agetty `perl -e 'print "A" x 9000'`  one did core though

my agetty required an addtional argument. 
agetty `perl -e 'print "A" x 9000'` `perl -e 'print "A" x 9000'`


Rodrigo Barbosa wrote:


Reproduced on Conectiva Linux 7.0.
So far:

mingetty: Not vulnerable
getty: Vulnerable
uugetty: Vulnerable
mgetty: Not vulnerable (only root can execute)

And there goes a question: is there any reason to someone other than root
have execute permission ? mgetty is 700 here.


-- 
 Rodrigo Barbosa                   - rodrigob at bh.conectiva.com.br
 Conectiva S/A                     - Belo Horizonte, MG, Brazil
 "Quis custodiet ipsos custodiet?" - http://www.conectiva.com/

Attachment: _bin
Description:

Current thread:

Re: core dump on mingetty and getty KF (Dec 03)
- Re: core dump on mingetty and getty Michal Zalewski (Dec 03)
- uugetty mgetty also... KF (Dec 03)
  - Re: uugetty mgetty also... Andrew Sharpe (Dec 03)
  - Re: uugetty mgetty also... Rodrigo Barbosa (Dec 04)
    - Message not available
    - Re: uugetty mgetty also... Rodrigo Barbosa (Dec 05)
- sadc Segmentation Fault smackenz (Dec 03)