Hello world,

Find attached a modified version that will compile with gcc on Linux. The vulnerability check seems to work, but I've not yet managed a successful exploit.

John.

P.S: Greets to my Mum.

On Fri, 2003-04-18 at 15:27, einstein, dhtm wrote:
> hello bugtraq,
>
> Here is an exploit for a recently discovered vulnerability in PoPToP
> PPTP server under Linux. Versions affected are all prior to
> 1.1.4-b3 and 1.1.3-20030409.
> The exploit is capable of bruteforcing the RET address to find our
> buffer in the stack. Upon a successful run it brings up a reverse
> shell with privileges of the pptpd daemon (typically root)
> on the victim server.
>
> P.S. Greets to ERRor, Death and all others.
>
--
GPG KEY: B89C D450 5B2C 74D8 58FB A360 9B06 B5C2 26F0 3047
HTTP: http://www.johnleach.co.uk
This archive was generated by hypermail 2b30 : Tue Apr 22 2003 - 14:27:30 PDT