Full Disclosure mailing list archives
*BSD banner INT overflow vulnerability
From: "Tyop?" <tyoptyop () gmail com>
Date: Wed, 22 Nov 2006 14:36:04 +0100
On 11/22/06, Sean Comeau <scomeau () cansecwest com> wrote:
On Wed, Nov 22, 2006 at 12:25:46PM +0300, dead code crew wrote:%uname -sir FreeBSD 6.1-RELEASE GENERIC %gdb banner (gdb) r -w 17000000 Program received signal SIGSEGV, Segmentation fault. 0x01010101 in ?? ()This doesn't crash banner on OpenBSD, and even if it did who cares? What would anyone accomplish by making this setuid root?
$ ls -l /usr/bin/banner -r-xr-xr-x 1 root wheel 9576 Jul 5 2005 /usr/bin/banner $ pfiuuu.. I'm safe. Thx a lot. F34r da banner H4x0r. -- Tyop? _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- *BSD banner INT overflow vulnerability dead code crew (Nov 22)
- Re: *BSD banner INT overflow vulnerability Sean Comeau (Nov 22)
- Message not available
- *BSD banner INT overflow vulnerability Tyop? (Nov 22)
- Re: *BSD banner INT overflow vulnerability endrazine (Nov 22)
- Message not available
- Re: *BSD banner INT overflow vulnerability J.A. Terranson (Nov 25)
- Re: *BSD banner INT overflow vulnerability Sean Comeau (Nov 22)
- <Possible follow-ups>
- Re: *BSD banner INT overflow vulnerability daylasoul (Nov 26)
- Re: *BSD banner INT overflow vulnerability Nick FitzGerald (Nov 26)
- Re: *BSD banner INT overflow vulnerability Tyop? (Nov 26)
- Re: *BSD banner INT overflow vulnerability Nick FitzGerald (Nov 26)
- Re: *BSD banner INT overflow vulnerability Nick FitzGerald (Nov 26)