Bugtraq mailing list archives
Re: rdist exploit [bsdi]
From: jaeger () dhp com (jaeger)
Date: Fri, 12 Jul 1996 17:17:08 -0400
On Fri, 12 Jul 1996, Damien Sorder wrote:
Here is a quick bsd/os (should work in freebsd too, I believe) exploitation script for the rdist buffer overflow vulnerbility.Confirmed for FreeBSD 2.1.0-RELEASE, 2.2-960501-SNAP and 2.2-960601-SNAP. Haven't tried it with the 2.1.5 release stream yet.It did NOT work on a friend's FreeBSD 2.1.0-RELEASE box. I guess it depends on the configuration and if the admin has done any other patching.
The exploit must be compiled with no optimization or it throws off the hardcoded offsets. It indeed works on a 2.1.0-RELEASE machine. Verify that your friend's rdist is SUID and not a replacement package of some sort. -jaeger
Current thread:
- [linux-security] [8lgm]-Advisory-26.UNIX.rdist.20-3-1996 Jeff Uphoff (Jul 04)
- Re: [linux-security] [8lgm]-Advisory-26.UNIX.rdist.20-3-1996 Michael Shields (Jul 05)
- CERT Advisory CA-96.13 - Vulnerability in the dip program CERT Advisory (Jul 09)
- Re: CERT Advisory CA-96.13 - Vulnerability in the dip program Efrain Torres (Jul 09)
- FIRST Conference & Workshop Plans Ron Freund (Jul 09)
- rdist exploit [bsdi] Brian Mitchell (Jul 09)
- Re: rdist exploit [bsdi] Brian Tao (Jul 11)
- Re: rdist exploit [bsdi] Damien Sorder (Jul 11)
- Re: rdist exploit [bsdi] jaeger (Jul 12)
- Re: rdist exploit [bsdi] Andrew N. Edmond (Jul 13)
- Re: rdist exploit [bsdi] Andy Dills (Jul 13)
- Re: rdist exploit [bsdi] Brian Tao (Jul 14)
- at the risk of another flamefest.. *Hobbit* (Jul 14)
- Re: at the risk of another flamefest.. David Stagner (Jul 15)
- Re: at the risk of another flamefest.. Alan L. Wendt (Jul 15)
- hpux 10.0 remote administration Matthew G. Harrigan (Jul 15)
- Re: rdist exploit [bsdi] System Manager (Jul 13)
- Re: rdist exploit [bsdi] Tom Bowman (Jul 12)
- Re: rdist exploit [bsdi] Brian Tao (Jul 12)