/usr/bin/doscmd on BSDI

From: kasper (jayat_private)
Date: Sat Mar 13 1999 - 21:25:44 PST

Next message: Chris Adams: "Microsoft's SMTP service broken/stupid"

Previous message: typoat_private: "Re: SMTP server account probing"
Next in thread: Warner Losh: "Re: /usr/bin/doscmd on BSDI"
Reply: Warner Losh: "Re: /usr/bin/doscmd on BSDI"
Reply: Keith Bostic: "Re: /usr/bin/doscmd on BSDI"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

hi,
        I found (I use the term loosely) a buffer overflow
in /usr/bin/doscmd distributed with BSDI 3.1..

for example :

finally:~ $ /usr/bin/doscmd `perl -e 'print "A" x 1015'`
Segmentation fault

doscmd is setuid executable as well.

I have not "tested" this out on anything other than 2 BSDI 3.1 (x86)
machines. Insight from other types is greatly appreciated.

bye

-jay

Next message: Chris Adams: "Microsoft's SMTP service broken/stupid"
Previous message: typoat_private: "Re: SMTP server account probing"
Next in thread: Warner Losh: "Re: /usr/bin/doscmd on BSDI"
Reply: Warner Losh: "Re: /usr/bin/doscmd on BSDI"
Reply: Keith Bostic: "Re: /usr/bin/doscmd on BSDI"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:39:06 PDT