bug-gnu-utils

Re: Gawk Contains an Exploitable Buffer Overflow


From: Aharon Robbins
Subject: Re: Gawk Contains an Exploitable Buffer Overflow
Date: Mon, 22 Apr 2002 16:38:09 +0300

Greetings. Re this:

> Date: Sat, 20 Apr 2002 14:32:13 -0500
> To: address@hidden
> From: KC <address@hidden>
> Subject: Gawk Contains an Exploitable Buffer Overflow
>
> Gawk Contains an Exploitable Buffer Overflow
> http://www.securiteam.com/exploits/5SP0B206WG.html
>
> Vulnerable systems:
> Gawk version 3.1.0
>
> Risk:
> Low. Gawk is not setuid by default, however several programs use it, 
> opening a possibility of privilege escalation.
>
> Exploit:
> [ code deleted ]

You did not state the platform where you encountered the problem.
It's not clear what you get from your C program; I'm guessing a
shell that runs interactively or some commands. Here is what I get
on a Red Hat 7.2 system for gawk-3.1.0:

        $ ./exploit 
        local GNU Awk 3.1.0-x proof of concept exploit
        ret: 0xbffffd30
        buf: 8213

        gawk: fatal error: internal error
        Aborted

When I run it against the 3.1.1 code (to be released soon), I get:

        $ ./exploit 
        local GNU Awk 3.1.0-x proof of concept exploit
        ret: 0xbffffd30
        buf: 8213

        gawk: fatal: can't open source file `

Thus, I'm not sure what the problem really is, but I think it's fixed.

Arnold



