Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Subject: Re: Buffer overflow in procmail [suid!]
From: Michal Zalewski (lcamtufDIONE.IDS.PL)
Date: Thu Aug 10 2000 - 10:23:23 CDT

On Thu, 10 Aug 2000, Tobias von Koch wrote:

> Procmail recognizes that the line is a bit too long. alright.
> But if you try something bigger than 2053...
> $ /usr/bin/procmail x=`perl -e "print 1x2054"`
> <Ctrl>-D
> Segmentation fault
> You can get root privileges (with some code) now....

No, you can't. If you feel you can, them prove it. We spend some time
investigating this issue already (right before receiving your post, what a
coincidence :).

Michal Zalewski [lcamtuftpi.pl] [tp.internet/security]
[http://lcamtuf.na.export.pl] <=--=> bash$ :(){ :|:&};:
=-----=> God is real, unless declared integer. <=-----=