SuSE 7.2 (& others) sendmail local xploit

From: RoMaN SoFt / LLFB!! (romanat_private)
Date: Sun Aug 26 2001 - 02:45:39 PDT


     Hi.
    
     This is the 'alsou.c' sendmail 8.11.x (x<=5) xploit with some very
    slight modifications:
     - extensive documentation and example on how to get this to work on
    several distros / sendmail versions 
     - working on default SuSE 7.2 (sendmail 8.11.3):
     - also included working parameters for SuSE 6.4 with *custom
    compiled* sendmail 8.11.2:
     - allows giving the offset on the command line. Use with the 'smxploit'
    script (also included) in order to find the correct offset. This will be
    necessary in different distros / sendmail versions
     - QUICK GUIDE for finding proper exploitation values (VECT, GOT and
    OFFSET):
     ==> CASE A: Non-stripped binary:
     ==> CASE B: Stripped binary (this is the default on several distros):
    
     Please read complete alsou2.c comment lines for the whole
    explanation.
    
     Regards,
    
    =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
        ** RoMaN SoFt / LLFB **  
           romanat_private
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    
    
    
    


