buffer overflow problems

Marius Gedminas marius at pov.lt
Tue Apr 28 19:12:17 UTC 2009 

On Tue, Apr 28, 2009 at 12:32:12PM -0400, Ashley Benton wrote:
> I have a server (ubuntu 8.10 desktop with apache2 mysql and php5)  that I
> use for my websites. Yesterday I used apachetop and found a buffer overflow.
> I guessed that my server had not been secured enough so this morning I
> reinstall the server (ubuntu 9.04 with apache2 and php5) and used apachetop.
> I still have the buffer overflow problem and the server is not connected to
> internet yet (the computer is but I didn't configure apache2 yet).
> I am completely lost and don't understand where the problem is coming from
> or how to solve it.
> This is the result from apache top:
> 
> *** buffer overflow detected ***: apachetop terminated

This is a bug in the apachetop program.  Please report it at
https://bugs.launchpad.net/ubuntu and include this backtrace:

> ======= Backtrace: =========
> /lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x48)[0xb7e02da8]
> /lib/tls/i686/cmov/libc.so.6[0xb7e00eb0]
> /lib/tls/i686/cmov/libc.so.6[0xb7e01618]
> apachetop[0x8049a05]
> apachetop[0x804ad8a]
> /lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe5)[0xb7d1b775]
> apachetop[0x8049781]
> ======= Memory map: ========
> 08048000-08051000 r-xp 00000000 08:01 961658     /usr/sbin/apachetop
> 08051000-08052000 r--p 00008000 08:01 961658     /usr/sbin/apachetop
> 08052000-08053000 rw-p 00009000 08:01 961658     /usr/sbin/apachetop
> 083b7000-083d8000 rw-p 083b7000 00:00 0          [heap]
> b7cad000-b7cb7000 r-xp 00000000 08:01 1523807    /lib/tls/i686/cmov/
> libnss_files-2.9.so
> b7cb7000-b7cb8000 r--p 00009000 08:01 1523807    /lib/tls/i686/cmov/
> libnss_files-2.9.so
> b7cb8000-b7cb9000 rw-p 0000a000 08:01 1523807    /lib/tls/i686/cmov/
> libnss_files-2.9.so
> b7cb9000-b7cc2000 r-xp 00000000 08:01 1523809    /lib/tls/i686/cmov/
> libnss_nis-2.9.so
> b7cc2000-b7cc3000 r--p 00008000 08:01 1523809    /lib/tls/i686/cmov/
> libnss_nis-2.9.so
> b7cc3000-b7cc4000 rw-p 00009000 08:01 1523809    /lib/tls/i686/cmov/
> libnss_nis-2.9.so
> b7cc4000-b7cd9000 r-xp 00000000 08:01 1523803    /lib/tls/i686/cmov/
> libnsl-2.9.so
> b7cd9000-b7cda000 r--p 00014000 08:01 1523803    /lib/tls/i686/cmov/
> libnsl-2.9.so
> b7cda000-b7cdb000 rw-p 00015000 08:01 1523803    /lib/tls/i686/cmov/
> libnsl-2.9.so
> b7cdb000-b7cdd000 rw-p b7cdb000 00:00 0
> b7cdd000-b7ce4000 r-xp 00000000 08:01 1523804    /lib/tls/i686/cmov/
> libnss_compat-2.9.so
> b7ce4000-b7ce5000 r--p 00006000 08:01 1523804    /lib/tls/i686/cmov/
> libnss_compat-2.9.so
> b7ce5000-b7ce6000 rw-p 00007000 08:01 1523804    /lib/tls/i686/cmov/
> libnss_compat-2.9.so
> b7ce6000-b7ce8000 rw-p b7ce6000 00:00 0
> b7ce8000-b7cfd000 r-xp 00000000 08:01 1523812    /lib/tls/i686/cmov/
> libpthread-2.9.so
> b7cfd000-b7cfe000 r--p 00014000 08:01 1523812    /lib/tls/i686/cmov/
> libpthread-2.9.so
> b7cfe000-b7cff000 rw-p 00015000 08:01 1523812    /lib/tls/i686/cmov/
> libpthread-2.9.so
> b7cff000-b7d01000 rw-p b7cff000 00:00 0
> b7d01000-b7d03000 r-xp 00000000 08:01 1523800    /lib/tls/i686/cmov/
> libdl-2.9.so
> b7d03000-b7d04000 r--p 00001000 08:01 1523800    /lib/tls/i686/cmov/
> libdl-2.9.so
> b7d04000-b7d05000 rw-p 00002000 08:01 1523800    /lib/tls/i686/cmov/
> libdl-2.9.so
> b7d05000-b7e61000 r-xp 00000000 08:01 1523793    /lib/tls/i686/cmov/
> libc-2.9.so
> b7e61000-b7e62000 ---p 0015c000 08:01 1523793    /lib/tls/i686/cmov/
> libc-2.9.so
> b7e62000-b7e64000 r--p 0015c000 08:01 1523793    /lib/tls/i686/cmov/
> libc-2.9.so
> b7e64000-b7e65000 rw-p 0015e000 08:01 1523793    /lib/tls/i686/cmov/
> libc-2.9.so
> b7e65000-b7e69000 rw-p b7e65000 00:00 0
> b7e69000-b7e76000 r-xp 00000000 08:01 1507395    /lib/libgcc_s.so.1
> b7e76000-b7e77000 r--p 0000c000 08:01 1507395    /lib/libgcc_s.so.1
> b7e77000-b7e78000 rw-p 0000d000 08:01 1507395    /lib/libgcc_s.so.1
> b7e78000-b7e9c000 r-xp 00000000 08:01 1523801    /lib/tls/i686/cmov/
> libm-2.9.so
> b7e9c000-b7e9d000 r--p 00023000 08:01 1523801    /lib/tls/i686/cmov/
> libm-2.9.so
> b7e9d000-b7e9e000 rw-p 00024000 08:01 1523801    /lib/tls/i686/cmov/
> libm-2.9.so
> b7e9e000-b7f82000 r-xp 00000000 08:01 958571
> /usr/lib/libstdc++.so.6.0.10
> b7f82000-b7f86000 r--p 000e3000 08:01 958571
> /usr/lib/libstdc++.so.6.0.10
> b7f86000-b7f87000 rw-p 000e7000 08:01 958571
> /usr/lib/libstdc++.so.6.0.10
> b7f87000-b7f8d000 rw-p b7f87000 00:00 0
> b7f8d000-b7fbd000 r-xp 00000000 08:01 1507362    /lib/libpcre.so.3.12.1
> b7fbd000-b7fbe000 r--p 0002f000 08:01 1507362    /lib/libpcre.so.3.12.1
> b7fbe000-b7fbf000 rw-p 00030000 08:01 1507362    /lib/libpcre.so.3.12.1
> b7fbf000-b7fc6000 r-xp 00000000 08:01 960281     /usr/lib/libfam.so.0.0.0
> b7fc6000-b7fc7000 r--p 00006000 08:01 960281     /usr/lib/libfam.so.0.0.0
> b7fc7000-b7fc8000 rw-p 00007000 08:01 960281     /usr/lib/libfam.so.0.0.0
> b7fc8000-b7fd9000 r-xp 00000000 08:01 961656     /usr/lib/libadns.so.1.3
> b7fd9000-b7fda000 r--p 00011000 08:01 961656     /usr/lib/libadns.so.1.3
> b7fda000-b7fdb000 rw-p 00012000 08:01 961656     /usr/lib/libadns.so.1.3
> b7fdb000-b7fdc000 rw-p b7fdb000 00:00 0
> b7fdc000-b800b000 r-xp 00000000 08:01 1507407    /lib/libncurses.so.5.7
> b800b000-b800d000 r--p 0002e000 08:01 1507407    /lib/libncurses.so.5.7
> b800d000-b800e000 rw-p 00030000 08:01 1507407    /lib/libncurses.so.5.7
> b800e000-b803a000 r-xp 00000000 08:01 1507450    /lib/libreadline.so.5.2
> b803a000-b803b000 ---p 0002c000 08:01 1507450    /lib/libreadline.so.5.2
> b803b000-b803c000 r--p 0002c000 08:01 1507450    /lib/libreadline.so.5.2
> b803c000-b803f000 rw-p 0002d000 08:01 1507450    /lib/libreadline.so.5.2
> b803f000-b8040000 rw-p b803f000 00:00 0
> b8052000-b8054000 rw-p b8052000 00:00 0
> b8054000-b8055000 r-xp b8054000 00:00 0          [vdso]
> b8055000-b8071000 r-xp 00000000 08:01 1507347    /lib/ld-2.9.so
> b8071000-b8072000 r--p 0001b000 08:01 1507347    /lib/ld-2.9.so
> b8072000-b8073000 rw-p 0001c000 08:01 1507347    /lib/ld-2.9.so
> bf85d000-bf872000 rw-p bffeb000 00:00 0          [stack]
> Aborted
> 
> Any help would be appreciate,
> 
> Thank you
> 
> Meg

Marius Gedminas
-- 
Undergraduates owe their happiness chiefly to the fact that they are no
longer at school...The nonsense which was knocked out of them at school is
all gently put back at Oxford or Cambridge
	        -- Sir Max Beerbohm (1872-1956)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20090428/d6749757/attachment.sig>

More information about the ubuntu-users mailing list