Falselogin gives buffer overflow out-of-the-box
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
falselogin (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
I just installed falselogin on an Ubuntu 12.04 machine. I added the path /usr/bin/falselogin as the shell for an account. When I log in it immediately emit buffer overflow and crashes. Same behaviour if I run falselogin locally from inside an session. There are no customizations - falselogin simply fails out-of-the-box.
$ ssh xxx@xxx
xxx@xxx's password:
Welcome to Ubuntu 12.04.2 LTS (GNU/Linux 3.2.0-37-generic x86_64)
* Documentation: https:/
System information as of Wed Feb 20 12:20:04 EET 2013
System load: 0.14 Processes: 72
Usage of /: 48.4% of 2.88GB Users logged in: 0
Memory usage: 16% IP address for eth0: xxxx
Swap usage: 0%
Graph this data and manage this system at https:/
Last login: Wed Feb 20 12:09:21 2013 from xxxx.com
Welcome to remote (Debian wheezy/sid Linux 3.2.0-37-generic)!
*** buffer overflow detected ***: -falselogin terminated
======= Backtrace: =========
/lib/x86_
/lib/x86_
/lib/x86_
/lib/x86_
-falselogin[
/lib/x86_
-falselogin[
======= Memory map: ========
00400000-00402000 r-xp 00000000 fd:01 46284 /usr/bin/falselogin
00601000-00602000 r--p 00001000 fd:01 46284 /usr/bin/falselogin
00602000-00603000 rw-p 00002000 fd:01 46284 /usr/bin/falselogin
00fe3000-01004000 rw-p 00000000 00:00 0 [heap]
7f082beff000-
7f082bf14000-
7f082c113000-
7f082c114000-
7f082c115000-
7f082c121000-
7f082c320000-
7f082c321000-
7f082c322000-
7f082c4d7000-
7f082c6d6000-
7f082c6da000-
7f082c6dc000-
7f082c6e1000-
7f082c8fa000-
7f082c8fe000-
7f082c903000-
7f082c904000-
7fff0134b000-
7fff013ff000-
ffffffffff60000
Connection to xxx closed.
It's something related to a MTA subsystem or a terminal client mechanism that is not installed on the box.
A simple workaround is to comment this line on /etc/falselogin .conf
#You have %mail% messages in your mailbox.
After that you will have again the funny message when trying to login.