Exploit for traceroute-nanog overflow

[Carl Livitt <carl () learningshophull co uk>]

Attached is a working proof-of-concept exploit for the traceroute-nanog local 
root hole. It works on SuSE 7.x/8.0 and maybe others too.

It includes detailed information on where the vulnerability lies in the source 
code, problems in exploitation and solutions to those problems.

It also highlights _another_ possible vulnerability in the form of a heap 
overflow (not yet researched).

Regards,
Carl

Attachment: traceroute-exploit.c
Description: