Vulnerability Development mailing list archives

csh/tcsh vulnerability

From: "정 훈영" <dragory1 () hotmail com>
Date: Thu, 27 Jun 2002 03:41:57 +0000

OS : Solaris 8

[sf280r]#/home/dragory> bash
[dragory@sf280r dragory]$ export HOME=`perl -e 'print "x"x5000'`
[dragory@sf280r dragory]$ su
Password:(input correct password)
Segmentation Fault (core dumped)
[dragory@sf280r dragory]$ ls -l core
-rw-------   1 root       580464 Jun 27 12:29 core
[sf280r]#/home/dragory> gdb -q tcsh core
(no debugging symbols found)...Core was generated by `tcsh'.
Program terminated with signal 11, Segmentation Fault.
#0  0x29be4 in doglob ()

Is this vulnerable?



_________________________________________________________________

MSN Explorer가 있으면 Hotmail 사용이 훨씬 편리해 집니다. 지금http://explorer.msn.co.kr/ 에서 무료로 다운로드하세요.

Current thread:

csh/tcsh vulnerability 정 훈영 (Jun 26)
- Re: csh/tcsh vulnerability Valdis . Kletnieks (Jun 26)
- Re: csh/tcsh vulnerability Idan l . (Jun 27)