On Sat, 4 Jul 1998, CyberPsychotic wrote: (...) > Here's how i tested it: > pakage Dslip, version 2.03 > (sunsite.unc.edu/pub/Linux/system/Network/serial/dslip203.tgz) > The package is rather old, but I found it being used on some Linux > machines around. > gdb allocslip > > GDB is free software and you are welcome to distribute copies of it > under certain conditions; type "show copying" to see the conditions. > There is absolutely no warranty for GDB; type "show warranty" for details. > GDB 4.16 (i586-unknown-linux), Copyright 1996 Free Software Foundation, > Inc... (no debugging symbols found)... (gdb) run b_s `perl -e ' printf > "A" x 300'` [usual GDB mesages] > GO! sh: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA > AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA > AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA > AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA: command > not found > > Program received signal SIGSEGV, Segmentation fault. > 0x41414141 in ?? () > (gdb) > I downloaded it form sunsite.unc.edu/pub/Linux/system/network/serial/dslip203.tgz, and it does not seem to be vulnerable: emsi:~/hack/dslip/slip/bin> ./allocslip b_s `perl -e ' printf "A" x 300'` GO! Or even: emsi:~/hack/dslip/slip/bin> ./allocslip b_s `perl -e ' printf "A" x 6000'` GO! It does NOT segfault (my system is Slackware 3.4 with 2.0.34 Kernel). So it was fixed or is not vulnerable at all (I tested it on both - precompiled and compiled myself). -- ___________________________________________________________________________ M.C.Mar An NT server can be run by an idiot, and usually is. emsiat_private "If you can't make it good, make it LOOK good." - Bill Gates Moze to nie miejsce, ale tak np. programy M$ to swoiste pomniki glupoty.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:02:19 PDT