slocate vulnerability

From: xbuggyxat_private
Date: Thu Jan 30 2003 - 07:02:03 PST

Next message: tqaat_private: "re: slocate vulnerability"

Previous message: Barry K. Nathan: "Re: slocate vulnerability"
Next in thread: tqaat_private: "re: slocate vulnerability"
Reply: tqaat_private: "re: slocate vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The exploitation is   trivial ,but with libsafe this buffer 
overflow doesn't work:

(gdb) bt
#0  0x0018fb88 in _IO_vfprintf (s=0xbffff6ec, 
    format=0x804c215 "%s: decode_db(): %s: %s\n", ap=0xbffff854)
    at ../sysdeps/i386/i486/bits/string.h:530
#1  0x0012b47c in _IO_vfprintf () from /lib/libsafe.so.2
#2  0x001b1304 in _IO_vsnprintf (string=0x8056d28 "slocate: decode_db():
",     maxlen=4096, format=0x804c215 "%s: decode_db(): %s: %s\n",
args=0xbffff84c)    at vsnprintf.c:130
#3  0x0012b715 in vsnprintf () from /lib/libsafe.so.2
#4  0x0804be26 in strcpy ()
#5  0x0804ab5e in strcpy ()
#6  0x0804b8e0 in strcpy ()
#7  0x00154657 in __libc_start_main (main=0x804b340 <strcpy+9116>, argc=5,
    ubp_av=0xbffffad4, init=0x8048c1c <last_use+131884472>, 
    fini=0x804bf50 <strcpy+12204>, rtld_fini=0x11dcd4 <_dl_fini>, 
    stack_end=0xbffffacc) at ../sysdeps/generic/libc-start.c:129
(gdb) 




Best Regards
---
[Quipo ISP - Questa E-mail e' stata controllata dal programma Declude Virus]
[Quipo ISP - This E-mail was scanned for viruses by Declude Virus]

Next message: tqaat_private: "re: slocate vulnerability"
Previous message: Barry K. Nathan: "Re: slocate vulnerability"
Next in thread: tqaat_private: "re: slocate vulnerability"
Reply: tqaat_private: "re: slocate vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Jan 30 2003 - 08:42:18 PST