| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 24 Jun 2005 17:56:05 +0200 From: Przemyslaw Frasunek <venglin@...ebsd.lublin.pl> To: adam stevens <aqstevens@...il.com> Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com Subject: Re: Solaris 10 /usr/sbin/traceroute vulnerabilities adam stevens napisaĆ(a): > [root@...us:~] traceroute -s 1.1.1.1. 127.0.0.1 > traceroute: 1.1.1.1. is an invalid IPv4 source address > [root@...us:~] uname -a > SunOS nexus 5.10 s10_54 sun4u sparc SUNW,Sun-Blade-100 On my box (generic unpatched Solaris 10 on amd64), segfault strongly depends on stack layout: atari:venglin:~> traceroute -s 1.1.1.1. 127.0.0.1 traceroute: 144.144.91.194 is an invalid IPv4 source address atari:venglin:~> setenv DUPA `perl -e 'print "A"x500'` atari:venglin:~> traceroute -s 1.1.1.1. 127.0.0.1 traceroute: 4.0.0.0 is an invalid IPv4 source address Segmentation fault It might be also specific to x86 architecture. -- * Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NICHDL: PMF9-RIPE * * JID: venglin@...ber.atman.pl ** PGP ID: 2578FCAD ** HAM-RADIO: SQ8JIV * _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists