Bugtraq mailing list archives
Re: iDEFENSE Security Advisory 09.26.2002: Exploitable Buffer Overflow in gv
From: Boris Veytsman <borisv () lk net>
Date: Thu, 26 Sep 2002 13:44:56 -0400
From: David Endler <dendler () idefense com>
Date: Thu, 26 Sep 2002 08:58:48 -0600 (MDT)

A proof of concept exploit for Red Hat Linux designed by zen-parse is attached to this message. It packages the overflow and shellcode in the "%%PageOrder:" section of the PDF.

[root@victim]# ls -al /tmp/itworked
/bin/ls: /tmp/itworked: No such file or directory
[root@victim]# gv gv-exploit.pdf
[root@victim]# ls -al /tmp/itworked
- -rw-r--r-- 1 root root 0 Aug 22 16:50 /tmp/itworked
[root@victim]#

Does not work for me:

boris@reston-0491:~/convert$ gv -v
gv 3.5.8 (debian)
boris@reston-0491:~/convert$ gv gv-exploit.pdf
Segmentation fault
boris@reston-0491:~/convert$ ls -al /tmp/itworked
ls: /tmp/itworked: No such file or directory

--
Good luck
-Boris

By long-standing tradition, I take this opportunity to savage other designers in the thin disguise of good, clean fun.
-- P.J. Plauger, "Computer Language", 1988, April Fool's column.