Bugtraq mailing list archives
Re: Ray Cromwell: Another Netscape Bug (and possible security
From: cl4lkryl () cling gu se (Leonard Krylov)
Date: Wed, 27 Sep 1995 10:32:26 +0100
Hey folks, I need to know about this 'stack overwriting thing' thet is so lively discussed. As I understand it (and correct me if I'm wrong), the point is to pass in data to a non-bound checking routine (like syslog), and make it so constructed that it 'rewrites' some parameters on the stack. Subsequent routines will then pop these phoney params and off we go... Am I right? Can anybody provide me with more detailed info and perhaps some harmless example (please please please!!!) BTW, I am thinking about a possible bug in programs, that open files R/RW and tell them to be opened across exec()'s. They maybe setuid() in time, but forget to close the file descriptor (hmm). Go check it out! /LK/
Current thread:
- Re: Ray Cromwell: Another Netscape Bug (and possible security mueller_scott (Sep 22)
- <Possible follow-ups>
- Re: Ray Cromwell: Another Netscape Bug (and possible security Howard B Owen (Sep 24)
- Re: Ray Cromwell: Another Netscape Bug (and possible security Leonard Krylov (Sep 27)
- Re: Ray Cromwell: Another Netscape Bug (and possible security Marc W. Mengel (Sep 27)
- Re: your mail Anthony J. Stuckey (Sep 27)
- Re: Ray Cromwell: Another Netscape Bug (and possible security Diego Zamboni (Sep 28)
- Re: livingston.. Rick Weldon (Sep 29)
- Re: Ray Cromwell: Another Netscape Bug (and possible security Diego Zamboni (Sep 28)
- Re: Ray Cromwell: Another Netscape Bug (and possible security T. Jason Ucker (Sep 29)