Vulnerability Development mailing list archives
Re: Help needed with bufferoverflow in cvs
From: Charles 'core' Stevenson <core () bokeoa com>
Date: Wed, 20 Feb 2002 19:15:52 -0700
I can't seem to duplicate the buffer overflow on unstable. Version: ii cvs 1.11.1p1-2 Concurrent Versions System Best Regards, Charles 'core' Stevenson kn () insecurity dk wrote:
Hi all, it seems that cvs (version 1.10.7 from Debians stable repos) has a bufferoverflow but I'm but sure if it's exploitable ls -la /usr/bin/cvs -rwxr-xr-x 1 root root 490160 Mar 22 2000 /usr/bin/cvs no suid bit but it's owned by root cvs diff -C`perl -e "print 'a' x 300"` tables.sql Index: tables.sql =================================================================== RCS file: /opt/CVSROOT/procedit/sql/tables.sql,v retrieving revision 1.1 diff -u -3 -p -Caaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-r1.1 tables.sql cvs diff: context length specified twice Segmentation fault (core dumped) but couldn't it help someone to get access to the system ? Best regards Kim
Current thread:
- Help needed with bufferoverflow in cvs kn (Feb 20)
- Re: Help needed with bufferoverflow in cvs Charles 'core' Stevenson (Feb 21)
- Re: Help needed with bufferoverflow in cvs kn (Feb 21)
- Re: Help needed with bufferoverflow in cvs J. Mallett (Feb 21)
- Re: Help needed with bufferoverflow in cvs Michel Arboi (Feb 21)
- Re: Help needed with bufferoverflow in cvs Charles 'core' Stevenson (Feb 21)