[3234] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: SigSev -> Security Hole

daemon@ATHENA.MIT.EDU (Brian Mitchell)
Wed Aug 21 13:09:27 1996

Date: 	Wed, 21 Aug 1996 01:31:54 -0400
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: Brian Mitchell <brian@saturn.net>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To:  <321A64D5.FF6@prince.econ.su.oz.au>

On Wed, 21 Aug 1996, Tim Smithers wrote:

> In regards to the overrunning of arrays,
> is the sigsev, core dumped a true indication of
> an exploitable security hole?
>
> I think quite a few suid binaries exhibit this behaviour
> but how many are exploitable?
>
>         -mouse

Perhaps im missing something, but I thought suid and sgid programs were
non-dumpable. As for the sigsegv itself, it generally means you are
stomping on memory that is not yours to stomp on, this may or may not be
exploitable.

Brian Mitchell                                          brian@saturn.net
"I never give them hell. I just tell the truth and they think it's hell"
- H. Truman


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[3234] in bugtraq

Re: SigSev -> Security Hole

daemon@ATHENA.MIT.EDU (Brian Mitchell)Wed Aug 21 13:09:27 1996

daemon@ATHENA.MIT.EDU (Brian Mitchell)
Wed Aug 21 13:09:27 1996