I can't seem to duplicate the buffer overflow on unstable. Version: ii cvs 1.11.1p1-2 Concurrent Versions System Best Regards, Charles 'core' Stevenson knat_private wrote: > > Hi all, > > it seems that cvs (version 1.10.7 from Debians stable repos) has a > bufferoverflow but I'm but sure if it's exploitable > > ls -la /usr/bin/cvs > -rwxr-xr-x 1 root root 490160 Mar 22 2000 /usr/bin/cvs > > no suid bit but it's owned by root > > cvs diff -C`perl -e "print 'a' x 300"` tables.sql > > Index: tables.sql > =================================================================== > RCS file: /opt/CVSROOT/procedit/sql/tables.sql,v > retrieving revision 1.1 > diff -u -3 -p > -Caaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-r1.1 tables.sql > cvs diff: context length specified twice > Segmentation fault (core dumped) > > but couldn't it help someone to get access to the system ? > > Best regards > Kim
This archive was generated by hypermail 2b30 : Thu Feb 21 2002 - 11:11:17 PST