Re: Multiple vulnerabilities in AutomatedShops WebC shopping cart

From: Carl Livitt (carlat_private)
Date: Fri Apr 04 2003 - 01:32:35 PST

Next message: Martin Schulze: "[SECURITY] [DSA 278-1] New sendmail packages fix denial of service"

Previous message: Andrew Griffiths: "[Full-Disclosure] Syscall implementation could lead to whether or not a file exists"
In reply to: Carl Livitt: "Multiple vulnerabilities in AutomatedShops WebC shopping cart"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Oops. The remote exploit I included was a half-finished (not working) version 
that attempts privilege escalation in addition to execution of shellcode.

Attached is the correct, working version with no privilege escalation.

Carl.

text/x-csrc attachment: webc-remote-exploit.c

Next message: Martin Schulze: "[SECURITY] [DSA 278-1] New sendmail packages fix denial of service"
Previous message: Andrew Griffiths: "[Full-Disclosure] Syscall implementation could lead to whether or not a file exists"
In reply to: Carl Livitt: "Multiple vulnerabilities in AutomatedShops WebC shopping cart"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 04 2003 - 08:17:26 PST