[7712] in bugtraq
Re: Buffer Overflow?
daemon@ATHENA.MIT.EDU (Tore Andre Klock)
Wed Aug 19 14:59:35 1998
Date: Wed, 19 Aug 1998 14:05:13 -0400
Reply-To: Tore Andre Klock <tore@RICHNET.NET>
From: Tore Andre Klock <tore@RICHNET.NET>
To: BUGTRAQ@NETSPACE.ORG
Adriel Desautels wrote:
> --How to repeat:
> PROMPT> more /etc/passwd | login
> NOTE: you get booted when it it done.
> Log back in, or have a second window and type
> PROMPT> tail /var/adm/messages OR /var/log/messages
Here is what I see happening:
1. Login says: "login:"
2. more says: root:x:0:0..
3. Login says: "Password:"
4. more says: bin:x:1:1:...
5. Login says: "Login incorrect"
6. Repeat from (1) about 3-5 times.
7. Login says: "Too many login attempts"
8. Login kicks you out (like it would if you tried it on the command
line)
It says /dev/??? because the stdin is a pipe, not a tty.
--
