SuSE 6.2


    Way back  in August  of 1998  H D  Moore posted  a message  to the
    Bugtraq  list  about  a  handful  of  buffer  overflows in various
    utilities that shipped with SuSE  Linux 6.2.  It seems  that after
    a year and half  a few of these  bugs STILL exist.   None of these
    utilities are harmful by themselves, just they may open a security
    hole when called  by a priviledged  program (see compress  below).
    The original message can be found here:

    compress version 2.4.2 (compiled August 98 under RedHat 6.1 / July
    99  SuSE  6.2)  buffer  overflow  in  file  name.  NOT setu/gid or
    anything, but this is the SAME  compress used by the ftpd in  both
    RedHat 6.1 AND SuSE 6.2 in other words: write a file whose path is
    longer than the buffer limit, then request thatfile.Z and you have
    stack space in a  root process.  Someone  want to whip up  a quick
    exploit?  Note:  FTP daemon may  restrict path lengths,  any other
    ideas for exploiting this?

    Example: (on SuSE 6.2)

        loki:/tmp $ compress -V
        Compress version: (N)compress 4.2.4, compiled: Thu Jul 22 23:01:15 GMT
        Compile options:
                REGISTERS=20 IBUFSIZ=1024, OBUFSIZ=1024, BITS=16
        Author version 4.2 (Speed improvement & source cleanup):
             Peter Jannesen  (
        Author version 4.1 (Added recursive directory compress):
             Dave Mack  (
        Authors version 4.0 (World release in 1985):
             Spencer W. Thomas, Jim McKie, Steve Davies,
             Ken Turkowski, James A. Woods, Joe Orost
        loki:/tmp $ compress `perl -e 'print "A" x 1023'`
        AAA...AAA: File name too long
        loki:/tmp $ compress `perl -e 'print "A" x 1024'`
        AAA...AAA: File name too long
        Segmentation Fault
        loki:/tmp $ compress `perl -e 'print "A" x 1173'`
        Segmentation Fault

    Same goes for lha.

        lha version 1.2 (never was updated)
        segfaults start at 19107 characters on SuSE 6.2 AND RedHat 6.1


    Nothing yet.