Re: $HOME buffer overflow in SunOS 5.8 x86

From: Kris Kennaway (krisat_private)
Date: Wed Jun 06 2001 - 09:44:13 PDT

Next message: aleph1at_private: "Re: Network Solutions Crypt-PW Authentication-Scheme vulnerability"

Previous message: Jan Grant: "nosymfollow Re: SSH allows deletion of other users files..."
In reply to: Gunnar Wolf: "Re: $HOME buffer overflow in SunOS 5.8 x86"
Next in thread: SChoe: "Re: $HOME buffer overflow in SunOS 5.8 x86"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Jun 05, 2001 at 01:54:11PM -0500, Gunnar Wolf wrote:

> digital> uname -a
> OSF1 digital V4.0 564.32 alpha
> digital> setenv HOME `perl -e 'print "a"x1100'`
> Received disconnect: Command terminated on signal 6.

There was a bug in tcsh which did this, which I reported about 6
months ago and was fixed by Christos.  Not a security vulnerability,
of course, unless your shell is already setugid ;-)

Kris

application/pgp-signature attachment: stored

Next message: aleph1at_private: "Re: Network Solutions Crypt-PW Authentication-Scheme vulnerability"
Previous message: Jan Grant: "nosymfollow Re: SSH allows deletion of other users files..."
In reply to: Gunnar Wolf: "Re: $HOME buffer overflow in SunOS 5.8 x86"
Next in thread: SChoe: "Re: $HOME buffer overflow in SunOS 5.8 x86"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Jun 08 2001 - 13:18:49 PDT