"Brendan O'Dea" <[EMAIL PROTECTED]> writes:
> You're causing a SEGV by attempting to address a non-existant argument
> to printf. You don't need a large number to do this--the same happens
> with:
>
> perl -e 'printf q/%1$vs/'
This was because "%vs" by itself did strange things. Same with "%
On Sun, Dec 11, 2005 at 02:03:20AM +1100, Brendan O'Dea wrote:
> On Thu, Dec 08, 2005 at 12:41:02PM -0800, Charles Stevenson wrote:
> >[EMAIL PROTECTED]:~$ perl -e 'printf("%2918905856\$vs")'
> >Segmentation fault
> >I haven't had time yet but I imagine it might be possible to gain root
> >through
On Thu, Dec 08, 2005 at 12:41:02PM -0800, Charles Stevenson wrote:
>[EMAIL PROTECTED]:~$ perl -e 'printf("%2918905856\$vs")'
>Segmentation fault
>
>I haven't had time yet but I imagine it might be possible to gain root
>through perl-suid.
This is not a buffer overflow.
You're causing a SEGV by at
Package: perl
Version: 5.8.7-7
Followup-For: Bug #341542
[EMAIL PROTECTED]:~$ perl -e 'printf("%2918905856\$vs")'
Segmentation fault
I haven't had time yet but I imagine it might be possible to gain root
through perl-suid.
peace,
core
-- System Information:
Debian Release: testing/unstable
A
4 matches
Mail list logo