Vulnerability Development mailing list archives
Re: Mail bug
From: fintler <fintler () halfbug com>
Date: Mon, 4 Jun 2001 11:34:32 -0400 (EDT)
--- Gossi The Dog <gossi () owned lab6 com> wrote:
Hi, I've discovered slightly odd behavour from /usr/bin/Mail on my Redhat
6.2
box. I don't really have the time to fiddle with this, so I'm hoping
you
guys can provide feedback as to if this is reproducable on other
systems.
Lets start with version numbers; [gossi@owned gossi]$ strings /bin/mail | grep version version Mail version %s. Type ? for help. $OpenBSD: version.c,v 1.4 1996/06/08 19:48:46 christos Exp $
...
If Mail encounters hex character x00 (aka ^@ as vi shows it), it seg faults and dumps it core. On Slackware and (I believe) Debian, Mail is suid root. On Redhat it isn't. Other distros might have the suid bit set. There are two ways to easily reproduce this;
... It worked without any problems (no seg fault) on slack 7.1... fintler@bleedgreen:~$ strings /bin/mail | grep version version Mail version %s. Type ? for help. $OpenBSD: version.c,v 1.4 1996/06/08 19:48:46 christos Exp $ .gnu.version .gnu.version_r fintler@bleedgreen:~$ probally specific to your localhost or rh.... -fintler (fintler () msec net)
Current thread:
- Mail bug Gossi The Dog (Jun 03)
- Re: Mail bug Devdas Bhagat (Jun 04)
- Re: Mail bug Gossi The Dog (Jun 04)
- Re: Mail bug fejed (Jun 06)
- Re: Mail bug Meritt James (Jun 06)
- Re: Mail bug Samu (Jun 04)
- Re: Mail bug Thor (Jun 04)
- <Possible follow-ups>
- Re: Mail bug fintler (Jun 04)
- Re: Mail bug Roland Dworschak (Jun 04)
- Re: Mail bug Alex (Jun 04)
- Re: Mail bug Majid Almassari (Jun 05)
- Re: Mail bug Malf Easance (Jun 07)
- Re: Mail bug Devdas Bhagat (Jun 04)