Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: xmalloc buffer overflow?

From: Syzop <syz () dds nl>
Date: Fri, 09 Nov 2001 20:21:01 +0100
1. You were logged in as root (or as another user and su'd to root)
2. You executed 'su - nobody'
3. You executed the perl command which tried to alloc a lot of memory
4. Your box was out of memory and your shell started at 2 was killed,
    which brought you back at your rootshell (1).
?

    Syzop.

Robert Freeman wrote:


Can anybody else verify these results? It doesn't matter what `perl -e
'print "." x 90000000'` is appended to, I just chose vi (the vi buffer
overflow being my inspiration). Please use the exploit responsibly; also if
it is redundant, I apologize.

# uname -a
Linux linux 2.4.4-4GB #1 Fri May 18 14:11:12 GMT 2001 i686 unknown  [I know
about the clock...]
# id
uid=500(nobody) gid=100(users) groups=100(users)
# vi `perl -e 'print "." x 90000000'`
bash: xmalloc: cannot allocate 90000001 bytes (0 bytes allocated)
# id
uid=0(root) gid=0(root)
groups=0(root),1(bin),14(uucp),15(shadow),16(dialout),17(audio),65534(nogrou
p)

Robert Freeman
Previous By Date Next
Previous By Thread Next

Current thread: