> Segmentation fault (core dumped) > > At first, this does not seem a problem: nslookup is not suid root or anything. > But several sites have cgi-scripts that call nslookup... tests show that these > will coredump when passed enough characters. Looks exploitable to me... It is, I've successfully got a shell using my old generic exploit, with 260 bytes followed by a pointer to esp-400. Willy -- +----------------------------------------------------------------------------+ | Willy Tarreau - tarreauat_private - http://www-miaif.lip6.fr/willy/ | | System and Network Engineer - NOVECOM - http://novworld.novecom.fr/ | | Magistere d'Informatique Appliquee de l'Ile de France ( MIAIF ), Year 1997 | +----------------------------------------------------------------------------+
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:14:14 PDT