csh/tcsh vulnerability

From: Á¤ ÈÆ¿ (dragory1at_private)
Date: Wed Jun 26 2002 - 20:41:57 PDT

  • Next message: ash: "Re: Java and buffer overflows"

    OS : Solaris 8
     
    [sf280r]#/home/dragory> bash
    [dragory@sf280r dragory]$ export HOME=`perl -e 'print "x"x5000'`
    [dragory@sf280r dragory]$ su
    Password:(input correct password)
    Segmentation Fault (core dumped)
    [dragory@sf280r dragory]$ ls -l core
    -rw-------   1 root       580464 Jun 27 12:29 core
    [sf280r]#/home/dragory> gdb -q tcsh core
    (no debugging symbols found)...Core was generated by `tcsh'.
    Program terminated with signal 11, Segmentation Fault.
    #0  0x29be4 in doglob ()
     
    Is this vulnerable?
    
    
    
    _________________________________________________________________
    MSN Explorer°¡ ÀÖÀ¸¸é Hotmail »ç¿ëÀÌ ÈξÀ Æí¸®ÇØ Áý´Ï´Ù. Áö±Ý 
    http://explorer.msn.co.kr/ ¿¡¼­ ¹«·á·Î ´Ù¿î·ÎµåÇϼ¼¿ä.
    



    This archive was generated by hypermail 2b30 : Wed Jun 26 2002 - 21:59:09 PDT