[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: lynx-dev lynx getenv() overflow
From: |
dickey |
Subject: |
Re: lynx-dev lynx getenv() overflow |
Date: |
Thu, 21 Jan 1999 08:29:40 -0500 (EST) |
> 990118 Jorge told us:
> > Fix your bugs.
> > It segfaults when you set your HOME envar to >= 260 characters.
> > It is exploitable, though I don't see why you'd want to,
> > but I wrote it to those who are nonbelievers.
>
> this doesn't say what `it' is, but the following suggests you mean `Lynx'.
>
> > linux lynx overflow. what is it for? example code.
> > my linux 2.0.35 boxen lynx 2.6 but i know that 2.8 is vuln as well
> > because i did it on a debian system with lynx 2.8.
>
> Lynx 2-6 is 2,5 years out-of-date; 2-8 1 year out-of-date.
> for the latest 2-8-1 (9810) goto www.slcc.edu/lynx/release/ ;
> for the latest development version goto sol.slcc.edu/lynx/current/ .
but still. I put this on my list to verify (just because it doesn't
crash on one particular system doesn't mean that the problem doesn't
exist).
> i tested your claim on this IRIX 5.3 system with setenv HOME 'zeros' ,
> where zeros = a set of >= 300 0's; executing Lynx 2-8-1rel.1
> encountered no problem beyond failing to find the bookmark file.
> SUPPORT ___________//___, Philip Webb : address@hidden
--
Thomas E. Dickey
address@hidden
http://www.clark.net/pub/dickey