Dear bugtraq readers, This is another exploit for the flaw found by Steven Van Acker. http://www.securityfocus.com/archive/1/192844 In order to allow for more nops, I have constructed the payload like this: <82 nops><jmp 0x4><retaddr><shellcode> [teleh0r@localhost teleh0r]$ ./cfingerd-exploit.pl -s 1 Address: 0xbffff46c Exploit attempt succeeded! [teleh0r@localhost teleh0r]# Tested against cfingerd 1.4.3-8. Sincerely yours, teleh0r http://www.digit-labs.org/teleh0r/
This archive was generated by hypermail 2b30 : Wed Jul 11 2001 - 16:47:53 PDT