Re: ADV/EXP:pic/lpd remote exploit - RH 7.0

From: iG0R (igorat_private)
Date: Sun Jul 29 2001 - 20:21:36 PDT

    On 29 July 2001 13:57, you wrote:
    > It seems that some releases aren't affected. Can anyone confirm these ones:
    > Mandrake 8 groff 1.16.1
    > RedHat 6.2 groff 1.15 ?
    >
    > I can confirm it works indeed on RedHat 5.2 and 6.1 (default distro).
    
    Mandrake 8.0 is vulnerable with groff-1.16.1-7mdk and safe_address 0x8075fab
    
    1: x/i $eip  0x805683c <strcpy+55720>:  jmp    *0x8066b50(,%edx,4)
    (gdb)
    0x08056853 in strcpy ()
    1: x/i $eip  0x8056853 <strcpy+55743>:  mov    $0x1,%edx
    (gdb)
    0x08056858 in strcpy ()
    1: x/i $eip  0x8056858 <strcpy+55748>:  mov    %edx,0x8075fac
    (gdb)
    0x0805685e in strcpy ()
    1: x/i $eip  0x805685e <strcpy+55754>:  jmp    0x8056975 <strcpy+56033>
    (gdb)
    



    This archive was generated by hypermail 2b30 : Sun Jul 29 2001 - 23:17:06 PDT