On 29 July 2001 13:57, you wrote:
> It seems that some releases aren't affected. Can anyone confirm these ones:
> Mandrake 8 groff 1.16.1
> RedHat 6.2 groff 1.15 ?
>
> I can confirm it works indeed on RedHat 5.2 and 6.1 (default distro).

Mandrake 8.0 is vulnerable with groff-1.16.1-7mdk and safe_address 0x8075fab

1: x/i $eip 0x805683c <strcpy+55720>: jmp *0x8066b50(,%edx,4)
(gdb)
0x08056853 in strcpy ()
1: x/i $eip 0x8056853 <strcpy+55743>: mov $0x1,%edx
(gdb)
0x08056858 in strcpy ()
1: x/i $eip 0x8056858 <strcpy+55748>: mov %edx,0x8075fac
(gdb)
0x0805685e in strcpy ()
1: x/i $eip 0x805685e <strcpy+55754>: jmp 0x8056975 <strcpy+56033>
(gdb)