Firstly sorry if the information in the message is way off target; I have
little or no experience with buffer overflow situations.
After seeing the 'vi' buffer overflow incident, I decided to have a look at
some root processes running a default install on a redhat 7.1 box. After two
minutes I found this:
[smackenz@command user]$ /sbin/mingetty `perl -e 'print "A" x 9000'`
Segmentation fault (core dumped)
After running
[... user]$ ps aux |grep root
there were several 'mingetty' processes running as root. I am not at all up on
buffer overflow situations, therefore this could be nothing; however, I
thought it may be worth reporting.
The more I think about this I'm realising that it must be nothing exploitable;
however, I thought I'd just ask someone who knows what they are talking about
to make sure.
Would appreciate some feedback.
Here's the gdb output:
[smackenz@command user]$ gdb -q /sbin/mingetty
(no debugging symbols found)...
(gdb) run `perl -e 'print "A" x 9000'`
Starting program: /sbin/mingetty `perl -e 'print "A" x 9000'`
Program received signal SIGSEGV, Segmentation fault.
0x40085106 in _IO_vfprintf (s=0xbfffd320, format=0x80498cb "%s: %s",
ap=0xbfffd50c) at ../sysdeps/i386/i486/bits/string.h:530
530 ../sysdeps/i386/i486/bits/string.h: No such file or directory.
in ../sysdeps/i386/i486/bits/string.h
(gdb) i r
eax 0x41414141 1094795585
ecx 0xbfffd2c8 -1073753400
edx 0x0 0
ebx 0x401589e4 1075153380
esp 0xbfffcc50 0xbfffcc50
ebp 0xbfffd2e8 0xbfffd2e8
esi 0xbfffcdf0 -1073754640
edi 0x0 0
eip 0x40085106 0x40085106
eflags 0x10246 66118
cs 0x23 35
ss 0x2b 43
ds 0x2b 43
es 0x2b 43
fs 0x0 0
gs 0x0 0
fctrl 0x37f 895
fstat 0x0 0
ftag 0xffff 65535
fiseg 0x0 0
fioff 0x0 0
foseg 0x0 0
fooff 0x0 0
Thanks
Scott Mackenzie.
Bradford University.
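An added example, not part of the post above and not mingetty's own source: the gdb session shows eax holding 0x41414141 ("AAAA") inside _IO_vfprintf for the format "%s: %s", which indicates that bytes from the oversized argument reached a pointer the error-reporting path later dereferenced. The sketch below shows the bounds-checked handling that keeps such an argument from ever reaching a fixed-size buffer; it assumes the argument is a bare tty device name (as mingetty takes), and TTY_NAME_MAX, validate_tty_name, format_error and validate_repeated_a are hypothetical names chosen here.

```c
/* Added example (not mingetty's code): bound the tty-name argument before
 * use and format the "prog: msg" error string with an explicit size, so an
 * argument like 9000 'A's is rejected instead of overrunning a buffer. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>

#define TTY_NAME_MAX 32   /* hypothetical bound; "tty1" or "ttyS0" fit easily */
#define ERRBUF_SIZE 128

char g_err[ERRBUF_SIZE];  /* error buffer with a fixed, known size */

/* 0 if name is a bare device name like "tty1", -1 otherwise: rejects empty,
 * oversized (scanning stops at the bound) and any path or control chars. */
int validate_tty_name(const char *name)
{
    if (name == NULL || name[0] == '\0')
        return -1;
    for (size_t i = 0; name[i] != '\0'; i++) {
        unsigned char c = (unsigned char)name[i];
        if (i >= TTY_NAME_MAX)
            return -1;            /* too long: never copy it anywhere */
        if (!(isalnum(c) || c == '_' || c == '-'))
            return -1;            /* no '/', '.', spaces, control bytes */
    }
    return 0;
}

/* Bounded "prog: msg". Returns the length the full message needs; a value
 * >= bufsz means it was truncated (still NUL-terminated), never overrun. */
int format_error(char *buf, size_t bufsz, const char *prog, const char *msg)
{
    int n = snprintf(buf, bufsz, "%s: %s", prog, msg);
    return n < 0 ? -1 : n;
}

/* Constructed input: len 'A's, like the report's perl one-liner (9000). */
int validate_repeated_a(size_t len)
{
    char *s = malloc(len + 1);
    int rc;
    if (s == NULL) return -1;
    memset(s, 'A', len); s[len] = '\0';
    rc = validate_tty_name(s);
    free(s);
    return rc;
}
```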