Re: top format string bug exploit code (exploitable)

From: Joe Warren-Meeks (joe@hole-in-the.net)
Date: Fri Jul 27 2001 - 03:45:13 PDT

Next message: Thran .: "SimpleServer:WWW Command Execution Vulnerability Exploit Code Released"

Previous message: Radu-Adrian Feurdean: "Re: UDP packet handling weird behaviour of various operating systems"
In reply to: David Brownlee: "Re: top format string bug exploit code (exploitable)"
Next in thread: Lupe Christoph: "Re: top format string bug exploit code (exploitable)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Jul 25, 2001 at 05:18:42PM +0100, David Brownlee scribed:

> > possible to get kmem priviledge in the XXXXBSD which is still not patched,
> > possible to get root priviledge in solaris .
> 
> 	As regards NetBSD: I don't know about earlier versions, but 1.5
> 	and later will be safe from this (or any other top exploit) as
> 	the binary is not setid.


joe@black:/home/joe $ uname -a
OpenBSD black 2.9 Black#0 i386
joe@black:/home/joe $ ls -las /usr/bin/top
36 -r-xr-xr-x  1 root  bin  36864 Jun 23 16:41 /usr/bin/top
joe@black:/home/joe $ 

 -- joe.

Next message: Thran .: "SimpleServer:WWW Command Execution Vulnerability Exploit Code Released"
Previous message: Radu-Adrian Feurdean: "Re: UDP packet handling weird behaviour of various operating systems"
In reply to: David Brownlee: "Re: top format string bug exploit code (exploitable)"
Next in thread: Lupe Christoph: "Re: top format string bug exploit code (exploitable)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Jul 27 2001 - 09:13:59 PDT