Bugtraq mailing list archives
Exploit for traceroute-nanog overflow
From: Carl Livitt <carl () learningshophull co uk>
Date: Fri, 29 Nov 2002 17:49:48 +0000
Attached is a working proof-of-concept exploit for the traceroute-nanog local root hole. It works on SuSE 7.x/8.0 and maybe others too. It includes detailed information on where the vulnerability lies in the source code, problems in exploitation and solutions to those problems. It also highlights _another_ possible vulnerability in the form of a heap overflow (not yet researched). Regards, Carl
Attachment:
traceroute-exploit.c
Description:
Current thread:
- Exploit for traceroute-nanog overflow Carl Livitt (Nov 29)