Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Buffer overflow in BitchX-75p3 (Local)

From: s1gnal_9 <s1gnal_9 () SUNOS COM>
Date: Thu, 15 Feb 2001 19:23:11 +0800
Tested on Redhat 7.0

A overflow occurs in the HOME environment.

HOME=`perl -e '{print "A"x"3620"}'`

Program received signal SIGSEGV, Segmentation fault.                     [::::]
0x80f9ff6 in error ()
(gdb) info all-registers
eax            0x41414141       1094795585
ecx            0x4817bf73       1209515891
edx            0x41414141       1094795585
ebx            0xbfffe5dc       -1073748516
esp            0xbfffe5b8       0xbfffe5b8
ebp            0xbfffe5e8       0xbfffe5e8
esi            0xbfffe5e0       -1073748512
edi            0xffffffff       -1
eip            0x80f9ff6        0x80f9ff6

This is not exploitable!
Just a reminder to keep all your program like this one non-suid. I have believe it or not ran into admins that had 
BitchX suid...(yea I could'nt believe it either).

This is for those who care, or maybe interested by it... if your not one of those just delete.

peace, s1gnal_9


--
_______________________________________________
Get your free email from http://sunos.com
Powered by Instant Portal
Previous By Date Next
Previous By Thread Next

Current thread: