Re: New bugs discovered!

From: Caiaphas Pechorin (caiaphasat_private)
Date: Sun Nov 18 2001 - 23:15:57 PST

Next message: Bernhard Rosenkraenzer: "Re: New bugs discovered!"

Previous message: Nate Amsden: "Re: New bugs discovered!"
In reply to: vuln-dev: "New bugs discovered!"
Next in thread: Cabezon Aurélien: "Re: New bugs discovered!"
Next in thread: Bernhard Rosenkraenzer: "Re: New bugs discovered!"
Reply: Cabezon Aurélien: "Re: New bugs discovered!"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> GOBBLES security is happy to announce the discovery of multiple bugs in
> /bin/gzip, which can be exploited remotely with a bit of creativity.
> Attached is our advisory on the matter.
>
> Enjoy the knowledge and remember to use it responsible.
>
> The GOBBLES Team
> www.bugtraq.org

Tested on Debian Potato:

$ /bin/gzip --version
gzip 1.2.4 (18 Aug 93)
Compilation options:
DIRENT UTIME STDC_HEADERS HAVE_UNISTD_H ASMV

$ /bin/gzip `perl -e 'print "A" x 2048'`
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
[many 'A's snipped]
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA: File name too long

Next message: Bernhard Rosenkraenzer: "Re: New bugs discovered!"
Previous message: Nate Amsden: "Re: New bugs discovered!"
In reply to: vuln-dev: "New bugs discovered!"
Next in thread: Cabezon Aurélien: "Re: New bugs discovered!"
Next in thread: Bernhard Rosenkraenzer: "Re: New bugs discovered!"
Reply: Cabezon Aurélien: "Re: New bugs discovered!"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Nov 19 2001 - 08:30:15 PST