Re: Buffer overflow in awk

From: nilton.gs.scat_private
Date: Fri Mar 15 2002 - 13:33:57 PST

Next message: Russell Handorf: "Re: Wireless Legality- Netstumbler and kin"

Previous message: dong-h0un U: "RE: Buffer overflow in awk"
In reply to: sekureat_private: "Re: Buffer overflow in awk"
Next in thread: Rui Miguel Silva Seabra: "Re: Buffer overflow in awk"
Next in thread: wu2ftpd-ovich: "Re: Buffer overflow in awk"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,
You are right. Conectiva Linux (brazilian distro with a lot of vulnerabilities)
and RedHat are vulnerable to awk b0f.

"why find a bug in awk and exploit it ?"
To elevate privilegies!

PS: greetz keoki, <keokiat_private>.

Best regards...
Nilton Gomes

-- Mensagem original --

>Hi,
>
>In my Debian Potato r5 and Conectiva Linux 7 it worked too! 
>
>But i would ask the some thing, why find a bug in awk and exploit it ?

>
>1) It isn't suid root in linux.
>2) doesn't used in web applications
>
>Then, why exploit it ?
>
>ps.: sorry for my poor english.
>
>cheers.
>
>[ ]'s
>
>



------------------------------------------
Use o melhor sistema de busca da Internet
Radar UOL - http://www.radaruol.com.br

Next message: Russell Handorf: "Re: Wireless Legality- Netstumbler and kin"
Previous message: dong-h0un U: "RE: Buffer overflow in awk"
In reply to: sekureat_private: "Re: Buffer overflow in awk"
Next in thread: Rui Miguel Silva Seabra: "Re: Buffer overflow in awk"
Next in thread: wu2ftpd-ovich: "Re: Buffer overflow in awk"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Mar 15 2002 - 15:33:03 PST