[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: [Full-Disclosure] THREATCON segv until scripts are fixed
From: silvio () big ! net ! au
Date: 2002-09-30 5:28:04
[Download RAW message or body]
A quick note to say that THREATCON will be inactive until we fix some scripts.
It appears that due to a buffer on the stack (env_argv) not having bounds
checking, our threatcon evaluation software segv'd -->
cat /dev/urandom | bc script
echo THREATCON: CAUTIOUSLY MOVING WITH EARS TO THE GROUND
foo="";i=0;while [ $i -lt 100 ]; do foo="a $foo"; ((i=$i+1)); done; export BC_ENV_ARGS=$foo; bc
apologies for bash specific features above
--
Silvio
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic