Vulnerability Development mailing list archives
RE: A different bash blues
From: "Adam Gilmore" <vuln () optusnet com au>
Date: Mon, 17 Feb 2003 00:28:50 +1000
I would assume this is also because of a recursive function filling up the stack (it segfaults on my Debian 3.0 on a push %edi in malloc()). I don't know how exploitable this is at all. -----Original Message----- From: admin () badger sytes net [mailto:admin () badger sytes net] Sent: Saturday, 15 February 2003 11:49 AM To: vuln-dev () securityfocus com Subject: A different bash blues In relation to the Bash Blues thread, I have something that may be of interest. eval `perl -e 'print ":;" x 97500'` This causes bash to crash too sig 11. I don't know if this means anything or not, but who knows, it may be useful to someone else. The number 97500 is most likely a lot higher that it needs to be but I have noticed that when I have tried this on different machines, it takes slightly different amounts of :; to get it to crash.
Current thread:
- Re: Bash Blues., (continued)
- Re: Bash Blues. Andrew Walkingshaw (Feb 13)
- Re: Bash Blues. Kurt Seifried (Feb 14)
- Re: Bash Blues. Dack (Feb 14)
- Re: Bash Blues. Roland Postle (Feb 14)
- glibc glob_filename() recurse call stack overflow (Re[2]: Bash Blues) 3APA3A (Feb 15)
- Re: glibc glob_filename() recurse call stack overflow (Re[2]: Bash Blues) Vladamir Shmirnov (Feb 15)
- Re: glibc glob_filename() recurse call stack overflow (Re[2]: Bash Blues) Roland Postle (Feb 16)
- Re: glibc glob_filename() recurse call stack overflow (Re[2]: Bash Blues) spacewalker (Feb 16)
- glibc glob_filename() recurse call stack overflow (Re[2]: Bash Blues) 3APA3A (Feb 15)
- Re: Bash Blues. Andrew Walkingshaw (Feb 13)
- Re: Bash Blues. TerraTrans Security (Feb 14)
- A different bash blues admin (Feb 15)
- RE: A different bash blues Adam Gilmore (Feb 16)
- A different bash blues admin (Feb 15)
- RE: Bash Blues. Adam Gilmore (Feb 14)
- Re: Bash Blues. Peter Pentchev (Feb 14)