Bugtraq mailing list archives
Re: dump buffer overflow
From: lamagra () HACKERMAIL NET (Lamagra Argamal)
Date: Tue, 7 Mar 2000 21:14:32 -0000
On FreeBSD, dump has the same hole I described in my previous post. Only it is exploitable :-)

Dump with Kerberos has __atexit and __cleanup after all the other variables on the heap. By overwriting these variables you can start your shellcode.

Most of the credit should go to zen-parse, who found and tested this.

-lamagra

Greets to lurux, grue, typo, jolt-freak.
http://lamagra/seKure.de