[21446] in bugtraq
Re: dip 3.3.7p-overflow
daemon@ATHENA.MIT.EDU (Marcin Marszalek)
Tue Jul 10 11:11:37 2001
Date: Tue, 10 Jul 2001 11:08:58 +0200 (CEST)
From: Marcin Marszalek <mmmad@siodemka.p.lodz.pl>
To: sebi hegi <hegenbart@aon.at>
Cc: <bugtraq@securityfocus.com>
In-Reply-To: <01070920432401.01023@faust>
Message-ID: <Pine.LNX.4.33.0107101103020.17282-100000@siodemka.p.lodz.pl>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
On Mon, 9 Jul 2001, sebi hegi wrote:
> Hi!
> After doing a check on my SuSE linux 7.0 x86 i found something interesting:
>
> hegi@faust:~ > ls -la /usr/sbin/dip
> -rwsr-xr-- 1 root dialout 62056 Jul 29 2000 /usr/sbin/dip
>
> DIP: Dialup IP Protocol Driver version 3.3.7p-uri (25 Dec 96)
> Written by Fred N. van Kempen, MicroWalt Corporation.
> (gdb) run -k -l `perl -e 'print "a" x 130 '`
> Starting program: /usr/sbin/dip -k -l `perl -e 'print "a" x 130 '`
> DIP: Dialup IP Protocol Driver version 3.3.7p-uri (25 Dec 96)
> Written by Fred N. van Kempen, MicroWalt Corporation.
>
> DIP: cannot open /var/lock/LCK..aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa: Datei oder Verzeichnis nicht gefunden
>
> Program received signal SIGSEGV, Segmentation fault.
> 0x61616161 in ?? ()
The same packet and problem is on SuSe 7.1 and RedHat 6.2. I don't have
SuSe 7.2 to check.
