Vulnerability Development mailing list archives
passwd seg fault
From: morria <morria () RPI EDU>
Date: Fri, 9 Feb 2001 00:30:30 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Setting the maximum password length to 12, and a minimum of anything causes a segmentation fault in passwd after it asks for the first iteration of a new password. I use crypt() which requires a maximum length of 8, so trouble is to be expected, but a segmentation fault may of course be an indication of a buffer overflow, which is potentially serious on a program run by root. I have been unable to find any source code to passwd (oddly), so I have not been able to investigate further. The error has been repeated several times on SuSE 6.4 and 7.1, and on kernel 2.2.14 as well as 2.2.16. - -Pentium Cowboy -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com> iQA/AwUBOoOAadvYUmwj2Nm9EQKwiACeKDmfP5kN3aBI3H0RFa+nV/fEKmIAn2kq RERDl+gDP4VaLStUKGJFgsUb =xT5P -----END PGP SIGNATURE-----
Current thread:
- passwd seg fault morria (Feb 08)
- <Possible follow-ups>
- Re: passwd seg fault Bacano Dude (Feb 10)
- Re: passwd seg fault Lord Soth (Feb 10)
- Re: passwd seg fault bacano (Feb 10)
- Re: passwd seg fault Lord Soth (Feb 10)