Vulnerability Development mailing list archives
Re: pine overflow
From: Rodrigo Barbosa <rodrigob () tisbrasil com br>
Date: Fri, 22 Feb 2002 15:47:00 -0300
Tested with Conectiva Linux. On Thu, Feb 21, 2002 at 07:56:42AM -0000, Andrei Tudorache wrote:
Here are some tests I've made in << PINE 4.21 >>.
pine-4.44L-1cl
[root@softly /root]# pine -attach `perl -e 'print "A" x 20429'` Segmentation fault (core dumped) [root@softly /root]#
core: ELF 32-bit LSB core file of 'pine' (signal 11), Intel 80386, version 1 (SYSV), from 'pine' Veredict: Vulnerable. Stupid question: Is there even a small chance of it being exploitable ? []s -- Rodrigo Barbosa - rodrigob at tisbrasil.com.br TIS - Belo Horizonte, MG, Brazil "Quis custodiet ipsos custodes?" - http://www.tisbrasil.com.br/ Brainbench Certified -> Transcript ID #3332104
Current thread:
- pine overflow Andrei Tudorache (Feb 21)
- Re: pine overflow Jose Nazario (Feb 21)
- Re: pine overflow Rodrigo Barbosa (Feb 23)
- Re: pine overflow Kurt Seifried (Feb 23)
- <Possible follow-ups>
- Re: pine overflow Wodahs Latigid (Feb 22)
- Re: pine overflow Wodahs Latigid (Feb 22)