[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Fwd: Help needed with bufferoverflow in cvs]
From: |
Niels Heinen |
Subject: |
[Fwd: Help needed with bufferoverflow in cvs] |
Date: |
Wed, 20 Feb 2002 18:07:02 +0100 |
FYI
This was posted on vuln-dev@securityfocus.com today.
Kind regards,
Niels Heinen
-------- Original Message --------
Subject: Help needed with bufferoverflow in cvs
Date: Wed, 20 Feb 2002 08:46:14 +0100 (CET)
From: <kn@insecurity.dk>
To: <vuln-dev@securityfocus.com>
Hi all,
it seems that cvs (version 1.10.7 from Debians stable repos) has a
bufferoverflow but I'm but sure if it's exploitable
ls -la /usr/bin/cvs
-rwxr-xr-x 1 root root 490160 Mar 22 2000 /usr/bin/cvs
no suid bit but it's owned by root
cvs diff -C`perl -e "print 'a' x 300"` tables.sql
Index: tables.sql
===================================================================
RCS file: /opt/CVSROOT/procedit/sql/tables.sql,v
retrieving revision 1.1
diff -u -3 -p
-Caaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-r1.1
tables.sql
cvs diff: context length specified twice
Segmentation fault (core dumped)
but couldn't it help someone to get access to the system ?
Best regards
Kim
- [Fwd: Help needed with bufferoverflow in cvs],
Niels Heinen <=
Re: [Fwd: Help needed with bufferoverflow in cvs], Larry Jones, 2002/02/20