Hosting Provided By

RE: A different bash blues

From: Adam Gilmore <vuln(at)optusnet.com.au>
Date: Sun Feb 16 2003 - 09:28:50 EST

I would assume this is also because of a recursive function filling up the stack (it segfaults on my Debian 3.0 on a push %edi in malloc()). I don't know how exploitable this is at all.

-----Original Message-----
From: admin@badger.sytes.net [mailto:admin@badger.sytes.net] Sent: Saturday, 15 February 2003 11:49 AM To: vuln-dev@securityfocus.com
Subject: A different bash blues

In relation to the Bash Blues thread, I have something that may be of interest.

eval `perl -e 'print ":;" x 97500'`

This causes bash to crash too sig 11. I don't know if this means anything
or not, but who knows, it may be useful to someone else. The number 97500
is most likely a lot higher that it needs to be but I have noticed that when I have tried this on different machines, it takes slightly different
amounts of :; to get it to crash. Received on Sun Feb 16 13:21:59 2003

This message: [ Message body ]
Next message: argv(at)hushmail.com: "[argv] BitchX-353 Vulnerability"
Previous message: spacewalker: "Re: glibc glob_filename() recurse call stack overflow (Re[2]: Bash Blues)"
In reply to: admin(at)badger.sytes.net: "A different bash blues"
Next in thread: Adam Gilmore: "RE: Bash Blues."

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:38 EDT