Red Hat Bugzilla – Bug 91546
/usr/bin/cal stack overflow
Last modified: 2007-04-18 12:53:58 EDT
stack overflow in /usr/bin/cal detected by libsafe.
-- /home/stig > /usr/bin/cal
Libsafe version 2.0.16
Detected an attempt to write across stack boundary.
uid=500 euid=500 pid=30728
Overflow caused by wcscat()
-- stig/obelus (pts/2) -- 0 jobs -- Fri May 23 -- 14:54:37 --
-- /home/stig > whp !$
Name : util-linux Relocations: (not relocateable)
Version : 2.11n Vendor: Red Hat, Inc.
Release : 12.7.3 Build Date: Mon 24 Jun 2002
07:30:23 AM PDT
Install date: Fri 14 Mar 2003 08:44:42 PM PST Build Host:
Group : System Environment/Base Source RPM: util-linux-2.11n-
Size : 2487880 License: distributable
Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
Summary : A collection of basic system utilities.
The util-linux package contains a large variety of low-level system
utilities that are necessary for a Linux system to function. Among
others, Util-linux contains the fdisk configuration tool and the login
/usr/bin/cal does not ship setuid and I can't think of a way you'd be able to
exploit this stack overflow. Did you have a particular exploit mechanism in mind?
Closing, please reopen if there is an exploit mechanism for this issue we've