Re: [Full-Disclosure] some small bugs.

From: Noam Rathaus (noamr_at_beyondsecurity.com)
Date: 08/15/04

    To: full-disclosure@lists.netsys.com
    Date: Sun, 15 Aug 2004 15:49:22 +0300
    
    

    On Sunday 15 August 2004 00:32, Gabriele Galadini wrote:
    > Hi all,
    >
    > I've found some packages on obsd current version
    > (3.5) on arch x86, give me return problems.
    >
    > I explain:
    >
    > mtv@mercuzio~$ export HOME=`perl -e 'print "A" x 4387'`
    > mtv@mercuzio~$ dpsinfo
    > Segmentation fault
    > mtv@mercuzio~$ export HOME=`perl -e 'print "A" x 4387'`
    > mtv@mercuzio~$ dpsinfo
    > Segmentation fault
    > mtv@mercuzio~$ export HOME=`perl -e 'print "A" x 5763'`
    > mtv@mercuzio~$ dpsexec
    > Segmentation fault
    > mtv@mercuzio~$ export HOME=`perl -e 'print "A" x 1619'`
    > mtv@mercuzio~$ mwm
    > Segmentation fault
    > mtv@mercuzio~$ export HOME=`perl -e 'print "A" x 2915'`
    > mtv@mercuzio~$ xv
    > Segmentation fault
    > mtv@mercuzio~$ export HOME=`perl -e 'print "A" x 1013'`
    > mtv@mercuzio~$ abiword
    > Segmentation fault
    >
    > shell used is bash version 2.05b
    >
    > regards,
    > G.
    Hi,

    Under Debian:

    #ll -l /usr/bin/X11/dpsinfo
    -rwxr-xr-x 1 root root 6456 Jul 7 18:07 /usr/bin/X11/dpsinfo

    # gdb dpsinfo
    GNU gdb 6.1-debian
    Copyright 2004 Free Software Foundation, Inc.
    GDB is free software, covered by the GNU General Public License, and you are
    welcome to change it and/or distribute copies of it under certain conditions.
    Type "show copying" to see the conditions.
    There is absolutely no warranty for GDB. Type "show warranty" for details.
    This GDB was configured as "i386-linux"...(no debugging symbols found)...Using
    host libthread_db library "/lib/tls/libthread_db.so.1".

    (gdb) r
    Starting program: /usr/X11R6/bin/dpsinfo
    (no debugging symbols found)...(no debugging symbols found)...(no debugging
    symbols found)...(no debugging symbols found)...(no debugging symbols
    found)...(no debugging symbols found)...(no debugging symbols found)...(no
    debugging symbols found)...(no debugging symbols found)...(no debugging
    symbols found)...(no debugging symbols found)...(no debugging symbols
    found)...
    Program received signal SIGSEGV, Segmentation fault.
    0x41414141 in ?? ()
    (gdb) bt
    #0 0x41414141 in ?? ()

    ----
    # ll /usr/bin/X11/dpsexec
    -rwxr-xr-x    1 root     root         8184 Jul  7 18:07 /usr/bin/X11/dpsexec
    # gdb dpsexec
    GNU gdb 6.1-debian
    Copyright 2004 Free Software Foundation, Inc.
    GDB is free software, covered by the GNU General Public License, and you are
    welcome to change it and/or distribute copies of it under certain conditions.
    Type "show copying" to see the conditions.
    There is absolutely no warranty for GDB.  Type "show warranty" for details.
    This GDB was configured as "i386-linux"...(no debugging symbols found)...Using 
    host libthread_db library "/lib/tls/libthread_db.so.1".
    (gdb) r
    Starting program: /usr/X11R6/bin/dpsexec
    (no debugging symbols found)...(no debugging symbols found)...(no debugging 
    symbols found)...(no debugging symbols found)...(no debugging symbols 
    found)...(no debugging symbols found)...(no debugging symbols found)...(no 
    debugging symbols found)...(no debugging symbols found)...(no debugging 
    symbols found)...(no debugging symbols found)...(no debugging symbols 
    found)...
    Program received signal SIGSEGV, Segmentation fault.
    0x41414141 in ?? ()
    ----
    So Debian is also vulnerable, both these binaries come with the xbase-clients 
    package.
    -- 
    Thanks
    Noam Rathaus
    CTO
    Beyond Security Ltd.
    Join the SecuriTeam community on Orkut:
    http://www.orkut.com/Community.aspx?cmm=44441
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html
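
Added example, not part of the original thread and not code from any of the packages named in it. Crashes at 0x41414141 driven by a long HOME are consistent with the variable being copied into a fixed-size stack buffer without a length check; that root cause is an assumption, since the thread shows no source. The C below shows the bounded alternative, which rejects an oversized HOME instead of overflowing or truncating; `build_rc_path`, `check_long_home` and `.examplerc` are hypothetical names.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define RC_NAME ".examplerc"  /* hypothetical per-user config file */
/* Assumed unsafe pattern (not taken from any package's source):
 *     char path[256]; sprintf(path, "%s/%s", getenv("HOME"), RC_NAME); */

/* Build "<home>/<RC_NAME>" in out. Returns 0 on success, -1 if home is unset,
 * not absolute, or the result would not fit in outsz bytes (no truncation). */
int build_rc_path(const char *home, char *out, size_t outsz)
{
    if (out == NULL || outsz == 0)
        return -1;
    out[0] = '\0';
    if (home == NULL || home[0] != '/')
        return -1;
    int n = snprintf(out, outsz, "%s/%s", home, RC_NAME);
    if (n < 0 || (size_t)n >= outsz) {
        out[0] = '\0';   /* never hand back a truncated path */
        return -1;
    }
    return 0;
}

/* Constructed input: '/' followed by len 'A' bytes, sized like the thread's values. */
int check_long_home(size_t len)
{
    char path[256];
    char *home = malloc(len + 2);
    int rc;
    if (home == NULL)
        return -2;
    home[0] = '/';
    memset(home + 1, 'A', len);
    home[len + 1] = '\0';
    rc = build_rc_path(home, path, sizeof path);
    free(home);
    return rc;
}

int main(void)
{
    char path[256];
    if (build_rc_path(getenv("HOME"), path, sizeof path) != 0)
        return 1;   /* refuse to run with an unusable HOME */
    puts(path);
    return 0;
}
```

The key check is comparing the `snprintf` return value against the buffer size: a result equal to or larger than `outsz` means the path did not fit and must be treated as an error, not silently used.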
    
