Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 5 Sep 2014 16:38:14 +0200
From: "Jack Frosch" <ubundude123@....de>
To: oss-security@...ts.openwall.com
Subject: Re: heap overflow in procmail

Hi,

this also crashes aptitude 0.6.8-2.1 on ubuntu, but not formail 3.22-20 on ubuntu.


jack@...ian:~$ gdb -q /usr/bin/aptitude core
Reading symbols from /usr/bin/aptitude...(no debugging symbols found)...done.
[New LWP 19009]
[New LWP 19025]
[New LWP 19026]
[New LWP 19030]

warning: Can't read pathname for load map: Input/output error.
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/i386-linux-gnu/i686/cmov/libthread_db.so.1".
Core was generated by `/usr/bin/aptitude'.
Program terminated with signal 11, Segmentation fault.
#0  0xb73dd2c0 in sigc::internal::signal_emit0<void, sigc::nil>::emit(sigc::internal::signal_impl*) ()
(gdb) x/i $pc
=> 0xb73dd2c0 <_ZN4sigc8internal12signal_emit0IvNS_3nilEE4emitEPNS0_11signal_implE+80>: mov    0x8(%esi),%eax

(gdb) !sh
bye

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.