Re: top format string bug exploit code (exploitable)

From: David Brownlee (absat_private)
Date: Wed Jul 25 2001 - 09:18:42 PDT


    On Wed, 25 Jul 2001, SeungHyun Seo wrote:
    
    > It still seems to be affected under 3.5beta9 (including this version)
    > someone said it's not the problem of exploitable vulnerability about 8 months ago,
    > but it's possible to exploit though situation is difficult.
    > following code and some procedure comments demonstrate it.
    >
    > possible to get kmem privilege in the XXXXBSD which is still not patched,
    > possible to get root privilege in Solaris.
    
    	As regards NetBSD: I don't know about earlier versions, but 1.5
    	and later will be safe from this (or any other top exploit) as
    	the binary is not setid.
    
    -- 
    		David/absolute		absat_private
    


