Re: [Full-disclosure] Cygwin Bash Buffer Overflow (Cosmin Stejerean)
From: Stejerean, Cosmin (cstejere_at_cs.depaul.edu)
Date: 05/29/05
- Previous message: Piotr Bania: "[Full-disclosure] Compuware Softice (DbgMsg driver) Local Denial Of Service"
- Next in thread: Paul Melson: "RE: [Full-disclosure] Cygwin Bash Buffer Overflow (Cosmin Stejerean)"
- Reply: Paul Melson: "RE: [Full-disclosure] Cygwin Bash Buffer Overflow (Cosmin Stejerean)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 29 May 2005 06:23:27 -0500 To: <full-disclosure@lists.grok.org.uk>
> Cygwin Bash Buffer Overflow
> Author: Rodrigo Gutierrez <rodrigo@intellicomp.cl>
> Affected: Versions of bash distributed by the cygwin project
> vendor url: http://www.cygwin.com
> Type: Local
> Background.
> Cygwin is a Linux-like environment for Windows. GNU BASH is the GNU
> project's UNIX shell. It replaces the standard UNIX Bourne and Korn
> shells.
> Description
> I think that cygwin people are cool, but Full Disclosure is a life
style,
> this is all you get guys, 8 megs.
> PoC
> you@cygwin:~ /usr/bin/bash `perl -e "print 'a'x8388600"`
Which version of bash for Cygwin? I tried your PoC on the latest version
of Cygwin and everything was fine.
Cosmin Stejerean
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Previous message: Piotr Bania: "[Full-disclosure] Compuware Softice (DbgMsg driver) Local Denial Of Service"
- Next in thread: Paul Melson: "RE: [Full-disclosure] Cygwin Bash Buffer Overflow (Cosmin Stejerean)"
- Reply: Paul Melson: "RE: [Full-disclosure] Cygwin Bash Buffer Overflow (Cosmin Stejerean)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
