Re: NSFOCUS SA2001-04 : Solaris dtmail Buffer Overflow Vulnerability

From: Virtualcat Blackcat (virtualcatat_private)
Date: Tue Jul 24 2001 - 19:36:48 PDT


    Couldn't reproduce on SUNOS 5.6
    % uname -a
    SunOS sundev1 5.6 Generic_105181-19 sun4u sparc SUNW,Ultra-1
    % echo $SHELL
    /usr/bin/ksh
    % cp /usr/dt/bin/dtmail .
    % export MAIL=`perl -e 'print "A"x2000'`
    % ./dtmail 
    <!-- Clicked on [Local] when Xwindow popped up -->
    % 
    dtmail didn't crash.
    
    % export MAIL=`perl -e 'print "A"x20000'`
    % ./dtmail
    %
    Didn't crash either.
    
    % export HOME=`perl -e 'print "A"x360'`
    % ./dtmail                             
    Segmentation Fault(coredump)
    
    Looks like there is something in $HOME, not in $MAIL 
    as posted.
    
    Regards,
    Virtualcat
    
    ..oO(I am virtual)Oo.. 
    virtualcatat_private
    



    This archive was generated by hypermail 2b30 : Wed Jul 25 2001 - 12:30:06 PDT