[20930] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: $HOME buffer overflow in SunOS 5.8 x86

daemon@ATHENA.MIT.EDU (Kris Kennaway)
Fri Jun 8 16:18:00 2001

Date: Wed, 6 Jun 2001 09:44:13 -0700
From: Kris Kennaway <kris@obsecurity.org>
To: Gunnar Wolf <gwolf@campus.iztacala.unam.mx>
Cc: "Juergen P. Meier" <jpm@class.de>, Georgi Guninski <guninski@guninski.com>,
        Bugtraq <BUGTRAQ@securityfocus.com>
Message-ID: <20010606094413.E15460@xor.obsecurity.org>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
	protocol="application/pgp-signature"; boundary="WBsA/oQW3eTA3LlM"
Content-Disposition: inline
In-Reply-To: <Pine.BSO.4.31.0106051346100.1152-100000@campus.iztacala.unam.mx>; from gwolf@campus.iztacala.unam.mx on Tue, Jun 05, 2001 at 01:54:11PM -0500

--WBsA/oQW3eTA3LlM
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Tue, Jun 05, 2001 at 01:54:11PM -0500, Gunnar Wolf wrote:

> digital> uname -a
> OSF1 digital V4.0 564.32 alpha
> digital> setenv HOME `perl -e 'print "a"x1100'`
> Received disconnect: Command terminated on signal 6.

There was a bug in tcsh which did this, which I reported about 6
months ago and was fixed by Christos.  Not a security vulnerability,
of course, unless your shell is already setugid ;-)

Kris

--WBsA/oQW3eTA3LlM
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE7Hl3dWry0BWjoQKURArnmAJ9I0L429/yXosllM9MeIpOGVIdb4gCeMKmw
GiNk8CiA2k/4vqkVAE7RTOQ=
=+ooy
-----END PGP SIGNATURE-----

--WBsA/oQW3eTA3LlM--


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[20930] in bugtraq

Re: $HOME buffer overflow in SunOS 5.8 x86

daemon@ATHENA.MIT.EDU (Kris Kennaway)Fri Jun 8 16:18:00 2001

daemon@ATHENA.MIT.EDU (Kris Kennaway)
Fri Jun 8 16:18:00 2001