agetty is vulnerable on slackware 7.1... mothership:~$ uname -a Linux mothership 2.2.19-stealth #7 Wed Nov 7 06:54:37 ARST 2001 i586 unknown mothership:~$ cat /etc/slackware-version 7.1.0 mothership:~$ ls -l /sbin/agetty -rwxr-xr-x 1 root bin 13844 Jun 27 2000 /sbin/agetty* mothership:~$ id uid=1000(s0t4ipv6) gid=100(users) groups=100(users),7(lp) mothership:~$ /sbin/agetty 38400 `perl -e 'print "A"x8492'` Segmentation fault ________________________ Matias Sedalo : : Key id : 0x1F5345B7 P G P fingerprint : B7A1 B45E 4906 34BD 70A1 55F8 E5A0 BCA2 .................................................................. On Tue, 4 Dec 2001, Bill Weiss wrote: > Scott Mackenzie(smackenzat_private)@Mon, Dec 03, 2001 at 08:07:50PM +0000: > > SEE MESSAGE : > > 'Can anyone verify a core dump on /sbin/mingetty' > > for the original post > > > > The reason why there is no core dump from /sbin is because I didn't have > > write access - should have noticed that but there you go. > > > > Ok, bit more information: > > > > This problem is positive in the following systems: > > * note there could and probably are more but I've only had word of the > > following systems being tested > > > > Red-Hat 6.0 onwards (not tested any before) upto and including 7.2 > > Mandrake 8.0 2.4.3-20mdksmp (presumably similar to redhat here) > > turbolinux 6.0 > > SCO unix 5.0.5 > > > > (this information was quickly gathered by several people; thanks everyone) > > Slackware 7.0 (maybe 8.0) uses agetty, which is not vunerable, as far as I can tell. > It just spits out a usage error. > > -- Bill Weiss >
This archive was generated by hypermail 2b30 : Tue Dec 04 2001 - 11:21:36 PST