Summary of responses in this thread: From: PJ <briareosat_private> Doesn't work on Slackware 7.1 This is the result: elvander:~$ man -S `perl -e 'print ":" x 100'` What manual page do you want? elvander:~$ From: Alvin Oga <alvin.secat_private-Consulting.com> i have many patched rh-7.0 ( patched available on March 13, 2001 ) redhat:/usr/src# man -S `perl -e 'print ":" x 100'` What manual page do you want? ----------- redhat:/usr/src# cat /etc/issue Red Hat Linux release 7.0 (Guinness) Kernel 2.2.18-cdhs on an i586 redhat:/usr/src# man -v man, version 1.5h redhat:/usr/src# uname -a Linux redhat 2.2.18-cdhs #5 SMP Wed Jan 31 05:23:44 PST 2001 i586 unknown redhat's default kernel is 2.2.16-22 From: rcs <rastaat_private> Are you sure this has anything to do with heap or buffer overflow ? man -S : man.page will also core dump (Suse btw). From: Joris Roefs <jroefsat_private> [jroefs@router jroefs]$ cat /etc/issue Red Hat Linux release 7.0 (Guinness) Kernel 2.2.19 on an i586 [jroefs@router jroefs]$ man -S `perl -e 'print ":" x 100'` What manual page do you want? Seems that not all RedHat 7.0 installations are vulnerable. This installation is (except for the kernel, as you've propably noticed) as standard as possible, with all existing errata yet to be installed. Could it be that an other (updated) package is responsable for the overflow? From: Hugh Mc Gauran <hugh.mcgauranat_private> confirmed as well on debian woody.. From: "Patrick P. Murphy" <pmurphyat_private> Red Hat 7.1 with man-1.5h1-20 is not vulnerable. Tried 100, 1000, 10000, 100000 with the response "what man page do you want?". At a million, it barfed "argument list too long". From: poke <pokeat_private> Ugggghhhh, ignore my last post. Typo in my test case. I got the segfault on a RH7.0 system as well. -- Elias Levy SecurityFocus.com http://www.securityfocus.com/ Si vis pacem, para bellum
This archive was generated by hypermail 2b30 : Wed May 16 2001 - 09:23:37 PDT