Date:      Wed, 11 Nov 2009 22:37:44 +0300
From:      Eygene Ryabinkin <rea-fbsd@codelabs.ru>
To:        Damian Weber <dweber@htw-saarland.de>
Cc:        "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>, Oliver Pinter <oliver.pntr@gmail.com>, wkoszek@freebsd.org, freebsd-security@freebsd.org
Subject:   Re: 2009-07-20 FreeBSD 7.2 (pecoff executable) Local Denial of Service  Exploit 23 R D Shaun Colley
Message-ID:  <IkFmzsHv3PpqvmBLOW9PsGc1Y%2Bk@8WwhI1BLREGYCErwiufUu0sfwBM>
In-Reply-To: <alpine.BSF.2.00.0911111909340.60404@magritte.htw-saarland.de>
References:  <6101e8c40907201008n62eeec05r6670a79698bc2ac7@mail.gmail.com> <20091111173311.T37440@maildrop.int.zabbadoz.net> <alpine.BSF.2.00.0911111909340.60404@magritte.htw-saarland.de>

Wed, Nov 11, 2009 at 07:14:48PM +0100, Damian Weber wrote:
> FWIW, I got another result on 6.4-STABLE
> 
> FreeBSD mymachine.local 6.4-STABLE FreeBSD 6.4-STABLE #6: Sat Oct  3 13:06:12 CEST 2009     root@hypercrypt.local:/usr/obj/usr/src/sys/MYMACHINE  i386
> 
> $ ./pecoff
> MZaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa????aaaa
> [I'm truncating here, ~3500 a's follow]aaaaa: File name too long

You have no pecoff module loaded or compiled into the kernel,
do you?  Your "File name too long" is spat out by the shell,
so it was not handled by the PE loader at all.
-- 
Eygene
 _                ___       _.--.   #
 \`.|\..----...-'`   `-._.-'_.-'`   #  Remember that it is hard
 /  ' `         ,       __.--'      #  to read the on-line manual
 )/' _/     \   `-_,   /            #  while single-stepping the kernel.
 `-'" `"\_  ,_.-;_.-\_ ',  fsc/as   #
     _.-'_./   {_.'   ; /           #    -- FreeBSD Developers handbook
    {_.-``-'         {_/            #
