Date: Thu, 27 Dec 2001 02:15:39 -0800 (PST) From: Christophe Bailleux <cb@t-online.fr> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/33236: Buffer Overflow in rwhoisd Message-ID: <200112271015.fBRAFdL76122@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 33236 >Category: ports >Synopsis: Buffer Overflow in rwhoisd >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Dec 27 02:20:01 PST 2001 >Closed-Date: >Last-Modified: >Originator: Christophe Bailleux >Release: Freebsd 4.4 >Organization: Club-internet / T-online France >Environment: FreeBSD sandrine.admin.clubint.net 4.4-RELEASE FreeBSD 4.4-RELEASE #0: Tue Sep 18 11:57:08 PDT 2001 murray@builder.FreeBSD.org:/usr/src/sys/compile/GENERIC i386 >Description: Buffer overflow in rwhoisd. If in rwhoisd.conf, the option use-syslog: YES is enable, it's possbile to create a buffer overflow and gain a remote shell. >How-To-Repeat: In rwhoisd.conf: use-syslog: YES bash-2.05# telnet localhost 4321 Trying 127.0.0.1... Connected to localhost.admin.clubint.net. Escape character is '^]'. %rwhois V-1.5:003fff:00 sandrine.admin.clubint.net (by Network Solutions, Inc. V-1.5.7) AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA Gdb output: Attaching to program: /usr/local/lib/rwhois/sbin/rwhoisd, process 15185 Reading symbols from /usr/lib/libwrap.so.3...(no debugging symbols found)... done. Reading symbols from /usr/lib/libcrypt.so.2...(no debugging symbols found)... done. Reading symbols from /usr/lib/libc.so.4...(no debugging symbols found)...done. Reading symbols from /usr/libexec/ld-elf.so.1...(no debugging symbols found)... done. 0x2812efcc in read () from /usr/lib/libc.so.4 (gdb) c Continuing. Program received signal SIGSEGV, Segmentation fault. 0x41414141 in ?? () (gdb) >Fix: Upgrade the rwhoisd port with the lastest version. >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200112271015.fBRAFdL76122>