|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: Buffer overflow in procmail [suid!]
From: Michal Zalewski (lcamtuf
DIONE.IDS.PL)Date: Thu Aug 10 2000 - 10:23:23 CDT
- Next message: Adam Prato: "Re: Buffer overflow in procmail [suid!]"
- Previous message: rpc: "Re: Buffer overflow in procmail [suid!]"
- In reply to: Tobias von Koch: "Buffer overflow in procmail [suid!]"
- Next in thread: Martin MOKREJŠ: "Re: Buffer overflow in procmail [suid!]"
- Reply: Michal Zalewski: "Re: Buffer overflow in procmail [suid!]"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Thu, 10 Aug 2000, Tobias von Koch wrote:
> Procmail recognizes that the line is a bit too long. alright.
> But if you try something bigger than 2053...
>
> $ /usr/bin/procmail x=`perl -e "print 1x2054"`
> <Ctrl>-D
> Segmentation fault
>
> You can get root privileges (with some code) now....
No, you can't. If you feel you can, them prove it. We spend some time
investigating this issue already (right before receiving your post, what a
coincidence :).
_______________________________________________________
Michal Zalewski [lcamtuftpi.pl] [tp.internet/security]
[http://lcamtuf.na.export.pl] <=--=> bash$ :(){ :|:&};:
=-----=> God is real, unless declared integer. <=-----=
- Next message: Adam Prato: "Re: Buffer overflow in procmail [suid!]"
- Previous message: rpc: "Re: Buffer overflow in procmail [suid!]"
- In reply to: Tobias von Koch: "Buffer overflow in procmail [suid!]"
- Next in thread: Martin MOKREJŠ: "Re: Buffer overflow in procmail [suid!]"
- Reply: Michal Zalewski: "Re: Buffer overflow in procmail [suid!]"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]