Re: csh/tcsh vulnerability

[Idan l. <shadow () x-war net>]

On Thursday 27 June 2002 03:41, you wrote:
> OS : Solaris 8
>
> [sf280r]#/home/dragory> bash
> [dragory@sf280r dragory]$ export HOME=`perl -e 'print "x"x5000'`
> [dragory@sf280r dragory]$ su
> Password:(input correct password)
> Segmentation Fault (core dumped)
> [dragory@sf280r dragory]$ ls -l core
> -rw-------   1 root       580464 Jun 27 12:29 core
> [sf280r]#/home/dragory> gdb -q tcsh core
> (no debugging symbols found)...Core was generated by `tcsh'.
> Program terminated with signal 11, Segmentation Fault.
> #0  0x29be4 in doglob ()
>
> Is this vulnerable?
>
>
>
> _________________________________________________________________
> MSN Explorer°¡ ÀÖÀ¸¸é Hotmail »ç¿ëÀÌ ÈξÀ Æí¸®ÇØ Áý´Ï´Ù. Áö±Ý
> http://explorer.msn.co.kr/ ¿¡¼­ ¹«·á·Î ´Ù¿î·ÎµåÇϼ¼¿ä.


Well depend if you su to another user for example user narf 
And you can overflow it , It is a vulnerability.