Vulnerability Development mailing list archives
Re: Vi buffer overflow
From: Rob Paisley <rsp5870 () cs rit edu>
Date: Tue, 13 Nov 2001 18:21:07 -0500 (EST)
Funny -
OpenBSD 2.9 is aok!
spiff:usr {102} uname -a
OpenBSD spiff 2.9 GENERIC#1 i386
spiff:usr {103} vi `perl -e 'print "A" x 9000'`
returns a screen like this:
~
~
~
~
~
~
~
~
~
~
... AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA: new file: line 1
I shortened it for effect. Pretty obvious vi is FINE on OpenBSD 2.9
-Rob
On Tue, 6 Nov 2001, KF wrote:
Date: Tue, 06 Nov 2001 17:22:07 -0500 From: KF <dotslash () snosoft com> To: vuln-dev () security-focus com, recon () snosoft com Subject: Vi buffer overflow Not sure how big of a deal either of these are due to the fact that they are not suid... any thoughts? # vi `perl -e 'print "A" x 9000'` Memory fault - core dumped # du `perl -e 'print "A" x 9000'` Memory fault - core dumped # uname -a SCO_SV scosysv 3.2 5.0.6 i386 -KF
Current thread:
- Re: Vi buffer overflow, (continued)
- Re: Vi buffer overflow Jose Nazario (Nov 08)
- xmalloc buffer overflow? Robert Freeman (Nov 09)
- Re: xmalloc buffer overflow? dotslash (Nov 09)
- Re: xmalloc buffer overflow? Gwendolynn ferch Elydyr (Nov 09)
- Re: xmalloc buffer overflow? Christoph Moench-Tegeder (Nov 09)
- Re: xmalloc buffer overflow? Syzop (Nov 09)
- Re: xmalloc buffer overflow? Lucian Hudin (Nov 09)
- luser beeing able to kill random root owned procs (linux 2.2.20) ? Lucian Hudin (Nov 09)
- Re: xmalloc buffer overflow? Vasisht Tadigotla (Nov 09)
- Re: xmalloc buffer overflow? Kev (Nov 09)
- Re: xmalloc buffer overflow? dotslash (Nov 09)
- Re: Vi buffer overflow Rob Paisley (Nov 13)
- Re: vi buffer overflow Kaneda Akira (Nov 09)
- Re: vi buffer overflow Emmanuel BENOIT (Nov 09)
- Re: vi buffer overflow Matias Sedalo (Nov 09)
- Re: vi buffer overflow Thomas Graf (Nov 09)
- Re: vi buffer overflow walter valenti (Nov 09)
- Re: vi buffer overflow Piyush Agarwal (Nov 09)
- Re[2]: vi buffer overflow Greg Wirth (Nov 09)
- Re: vi buffer overflow Wichert Akkerman (Nov 09)
- Re: vi buffer overflow Robert Jaroszuk (Nov 09)
- Re: vi buffer overflow Vasisht Tadigotla (Nov 09)
- Re: vi buffer overflow Emmanuel BENOIT (Nov 09)
(Thread continues...)