Vulnerability Development mailing list archives
Re: csh/tcsh vulnerability
From: Idan l. <shadow () x-war net>
Date: Thu, 27 Jun 2002 12:26:15 +0000
On Thursday 27 June 2002 03:41, you wrote:
OS : Solaris 8 [sf280r]#/home/dragory> bash [dragory@sf280r dragory]$ export HOME=`perl -e 'print "x"x5000'` [dragory@sf280r dragory]$ su Password:(input correct password) Segmentation Fault (core dumped) [dragory@sf280r dragory]$ ls -l core -rw------- 1 root 580464 Jun 27 12:29 core [sf280r]#/home/dragory> gdb -q tcsh core (no debugging symbols found)...Core was generated by `tcsh'. Program terminated with signal 11, Segmentation Fault. #0 0x29be4 in doglob () Is this vulnerable? _________________________________________________________________ MSN Explorer°¡ ÀÖÀ¸¸é Hotmail »ç¿ëÀÌ ÈξÀ Æí¸®ÇØ Áý´Ï´Ù. Áö±Ý http://explorer.msn.co.kr/ ¿¡¼ ¹«·á·Î ´Ù¿î·ÎµåÇϼ¼¿ä.
Well depend if you su to another user for example user narf And you can overflow it , It is a vulnerability.
Current thread:
- csh/tcsh vulnerability 정 훈영 (Jun 26)
- Re: csh/tcsh vulnerability Valdis . Kletnieks (Jun 26)
- Re: csh/tcsh vulnerability Idan l . (Jun 27)