Results of environment variable fuzzing Debian 5.05 SUID/SGIDs

To: debian-security@lists.debian.org
Subject: Results of environment variable fuzzing Debian 5.05 SUID/SGIDs
From: Silvio Cesare <silvio.cesare@gmail.com>
Date: Tue, 18 Jan 2011 13:49:23 +1100
Message-id: <[🔎] AANLkTim_wSs5yn83+AbxLY78CE-TQuJVDWCDiRVTXkdb@mail.gmail.com>

I environment variable fuzzed the Debian 5.05 repository consisting of the following binaries:

https://github.com/silviocesare/Automated-Audits/blob/master/Debian5.05/EnvironmentVariableFuzzing/05-01-2011/PrivilegedProgramList

This is roughly most but not quite all SUID/SGID programs in Debian. There were some package conflicts which meant I didn't get complete automated coverage of the repository.

I used the public sharefuzz tool which tries using long environment variables to trigger buffer overflows. I had three crashes and reported bugs for each:

toppler http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608979
lbreakout2 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608980
zhcon http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608981

Any followup comments should CC me.

--
Silvio Cesare

Reply to:

Follow-Ups:
- Re: Results of environment variable fuzzing Debian 5.05 SUID/SGIDs
  - From: Steve Kemp <skx@debian.org>
- Re: Results of environment variable fuzzing Debian 5.05 SUID/SGIDs
  - From: Kees de Jong <keesdejong@gmail.com>

Prev by Date: List of SUID/SGID packages and programs in Debian
Next by Date: Re: Results of environment variable fuzzing Debian 5.05 SUID/SGIDs
Previous by thread: Re: List of SUID/SGID packages and programs in Debian
Next by thread: Re: Results of environment variable fuzzing Debian 5.05 SUID/SGIDs
Index(es):
- Date
- Thread