Happy new year.

Take a look at this:

r00t:~$ ls -las `which artswrapper` `which artsd`
   4 -rwsr-xr-x 1 root root   4048 Dec 28 22:43 /usr/bin/artswrapper*
 120 -rwxr-xr-x 1 root root 117644 Dec 28 22:43 /usr/bin/artsd*
r00t:~$ artsd -m `perl -e 'print "A"x3000'`
Segmentation fault
r00t:~$ gdb artsd
GNU gdb 5.1
Copyright 2001 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-linux"...(no debugging symbols found)...
(gdb) r -m `perl -e 'print "A"x3000'`
Starting program: /usr/bin/artsd -m `perl -e 'print "A"x3000'`
- -----------cut--------------
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 1024 (LWP 11372)]
0x41414141 in ?? ()

r00t:~$ artswrapper -m `perl -e 'print "A"x3000'`
>> running as realtime process now (priority 50)
Segmentation fault

Is this exploitable?

r00t:~$ dpkg -s libarts | grep Version
Version: 4:2.2.2-10

Using Debian Sid.

--
Linux registered User #142704
PGP key: http://www.keyserver.net:11371/pks/lookup?search=Fuska&op=get
Fingerprint = F6B3 B665 95FA B9D0 13FD 72D5 5106 22F7 58BD 7EDE
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
You impose the law of silence on me because you are afraid that this,
your world, is not the best of worlds but the worst, the most sordid.
- Dario Fo

You are in a dark room with a compiler, emacs, an internet connection,
and a thermos of coffee. Your move?
This archive was generated by hypermail 2b30 : Thu Jan 03 2002 - 18:10:45 PST