Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 5 Sep 2014 16:38:14 +0200
From: "Jack Frosch" <ubundude123@....de>
To: oss-security@...ts.openwall.com
Subject: Re: heap overflow in procmail

Hi,

this also crashes aptitude 0.6.8-2.1 on ubuntu, but not formail 3.22-20 on ubuntu.


jack@...ian:~$ gdb -q /usr/bin/aptitude core
Reading symbols from /usr/bin/aptitude...(no debugging symbols found)...done.
[New LWP 19009]
[New LWP 19025]
[New LWP 19026]
[New LWP 19030]

warning: Can't read pathname for load map: Input/output error.
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/i386-linux-gnu/i686/cmov/libthread_db.so.1".
Core was generated by `/usr/bin/aptitude'.
Program terminated with signal 11, Segmentation fault.
#0  0xb73dd2c0 in sigc::internal::signal_emit0<void, sigc::nil>::emit(sigc::internal::signal_impl*) ()
(gdb) x/i $pc
=> 0xb73dd2c0 <_ZN4sigc8internal12signal_emit0IvNS_3nilEE4emitEPNS0_11signal_implE+80>: mov    0x8(%esi),%eax

(gdb) !sh
bye

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ