('binary' encoding is not supported, stored as-is) In-Reply-To: <3C0DD8F0.1070208@marshal-soft.com> Forgive me for asking: what 's concept of the signals and ESOTERIC exploit, I don't have much clue when reading from http://community.corest.com/~gera/InsecureProgram ming/ >Received: (qmail 16357 invoked from network); 5 Dec 2001 17:01:21 -0000 >Received: from outgoing3.securityfocus.com (HELO outgoing.securityfocus.com) (66.38.151.27) > by mail.securityfocus.com with SMTP; 5 Dec 2001 17:01:21 -0000 >Received: from lists.securityfocus.com (lists.securityfocus.com [66.38.151.19]) > by outgoing.securityfocus.com (Postfix) with QMQP > id 57D41A3105; Wed, 5 Dec 2001 09:32:18 -0700 (MST) >Mailing-List: contact vuln-dev- helpat_private; run by ezmlm >Precedence: bulk >List-Id: <vuln-dev.list-id.securityfocus.com> >List-Post: <mailto:vuln-devat_private> >List-Help: <mailto:vuln-dev- helpat_private> >List-Unsubscribe: <mailto:vuln-dev- unsubscribeat_private> >List-Subscribe: <mailto:vuln-dev- subscribeat_private> >Delivered-To: mailing list vuln- devat_private >Delivered-To: moderator for vuln- devat_private >Received: (qmail 3859 invoked from network); 5 Dec 2001 08:20:04 -0000 >Message-ID: <3C0DD8F0.1070208@marshal- soft.com> >Date: Wed, 05 Dec 2001 09:21:04 +0100 >From: Marshal <marshal@marshal-soft.com> >User-Agent: Mozilla/5.0 (Windows; U; Win98; en- US; rv:0.9.2) Gecko/20010726 Netscape6/6.1 >X-Accept-Language: en-us >MIME-Version: 1.0 >To: =?ISO-8859-1?Q?Iv=E1n?= Arce <core.lists.exploit-dev@core-sdi.com>, > vuln-dev@security-focus.com >Subject: Re: buffer overflow question >References: <20011204225753.24101.qmailat_private> <043901c17d29$04aef2f0$2e58a8c0@ffornicario> >Content-Type: text/plain; charset=ISO-8859-1; format=flowed >Content-Transfer-Encoding: 8bit > >As long as i remember the format strings example files on that page >aren't real format string vuln. but just ordinary buffer overflows. > >Iván Arce wrote: > >>Hi generic >> >>if you are teaching yourself buffer overflowing i highly >>recommend that you go to >>http://community.corest.com/~gera/InsecureProgra mming/ >>go though all the sample program and code an exploit >>for each one. its the best hand-ons learning i can think of, >>besides 'gera' is a coworker and a really cool guy :0 >>-i >> >>----- Original Message ----- >>From: *jnf <core.lists.exploit-dev@core-sdi.com> >>Newsgroups: core.lists.exploit-dev >>To: <vuln-devat_private> >><security-basics@security-focus.com> >>Sent: Tuesday, December 04, 2001 7:57 PM >>Subject: buffer overflow question >> >> >>>Hello, I have a request about buffer overflows, >>>I am teaching myself about them, more >>>specifically how to reconize, code the exploit >>>and fix the hole, what I would like to know is >>>if anyone knows any local exploits for the >>>linux os (x86) that would follow what one could >>>consider to be a 'text-book- scenario of one, >>>and if so could they foward me that >>>information, it would be greatly appreciated >>>thank you >>> >>> >>> >>>generic >>> >>>-- >>> >>>________________________________________ _______ >>>Sign-up for your own FREE Personalized E-mail at Mail.com >>>http://www.mail.com/?sr=signup >>> >>> >>>1 cent a minute calls anywhere in the U.S.! >>> >>> >>http://www.getpennytalk.com/cgi- bin/adforward.cgi?p_key=RG9853KJ&url=http:// >>www.getpennytalk.com >> >>> >> >> >>--- for a personal reply use: =?iso-8859-1?Q? Iv=E1n_Arce?= <ivan.arceat_private> >> > > >
This archive was generated by hypermail 2b30 : Sat Dec 08 2001 - 20:56:50 PST