RE: A different bash blues

From: Adam Gilmore (vulnat_private)
Date: Sun Feb 16 2003 - 06:28:50 PST

Next message: Some d00d: "VisualBasic auditing"

Previous message: spacewalker: "Re: glibc glob_filename() recurse call stack overflow (Re[2]: Bash Blues)"
In reply to: adminat_private: "A different bash blues"
Next in thread: Adam Gilmore: "RE: Bash Blues."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I would assume this is also because of a recursive function filling up
the stack (it segfaults on my Debian 3.0 on a push %edi in malloc()). I
don't know how exploitable this is at all.

-----Original Message-----
From: adminat_private [mailto:adminat_private] 
Sent: Saturday, 15 February 2003 11:49 AM
To: vuln-devat_private
Subject: A different bash blues

In relation to the Bash Blues thread, I have something that may be of
interest.

eval `perl -e 'print ":;" x 97500'`

This causes bash to crash too sig 11. I don't know if this means
anything
or not, but who knows, it may be useful to someone else. The number
97500
is most likely a lot higher that it needs to be but I have noticed that
when I have tried this on different machines, it takes slightly
different
amounts of :; to get it to crash.

Next message: Some d00d: "VisualBasic auditing"
Previous message: spacewalker: "Re: glibc glob_filename() recurse call stack overflow (Re[2]: Bash Blues)"
In reply to: adminat_private: "A different bash blues"
Next in thread: Adam Gilmore: "RE: Bash Blues."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun Feb 16 2003 - 10:21:06 PST