| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20050913222155.4E0D.ALERT7@xfocus.org> Date: Tue Sep 13 15:31:07 2005 From: alert7 at xfocus.org (alert7) Subject: Can executable file(can't read) still be coredumped in solaris ? hi all I also tested succeed on solaris 9 which patched lastest patch.(Kernel version: SunOS 5.9 Generic 118558-02 Jan 2005). It coredumped a executable file which can NOT be read.i think this is a vulnerability. > hi ,dear friends: > > I have tested succeed on solaris 8 > Executable file(can't read) can be coredumped . > Bug I don't know whether it is still exist or not. > > > [alert7@...aris8 solaris]$ uname -a > SunOS Solaris8 5.8 Generic_108528-29 sun4u sparc SUNW,Ultra-5_10 > > COREDUMP enable > example > > [alert7@...aris8 alert7]$ ls -la test > --wx--x--x 1 root pubcvs 6344 Aug 16 11:27 test > [alert7@...aris8 alert7]$ id > uid=108(alert7) gid=102(pubcvs) > > [alert7@...aris8 alert7]$ ps -ef|grep test > alert7 440 380 0 13:59:02 pts/2 0:00 ./test ff > [alert7@...aris8 alert7]$ kill -4 440 > [alert7@...aris8 alert7]$ ./test ff > Illegal Instruction (core dumped) > > [alert7@...aris8 alert7]$ ls -la core > -rw------- 1 alert7 pubcvs 72192 Aug 17 13:59 core > [alert7@...aris8 alert7]$ gdb -q -c core > Core was generated by `./test ff'. > Program terminated with signal 4, Illegal instruction. > #0 0xff31b788 in ?? () > > SIGQUIT > SIGILL > SIGTRAP > SIGIOT > SIGEMT > SIGFPE > SIGBUS > SIGSEGV > SIGSYS > SIGXCPU > SIGXFSZ > > these above signal also can cause process coredump if process not set signal handler > > > -- Best Regards alert7@...cus.org XFOCUS Security Team http://www.xfocus.org
Powered by blists - more mailing lists