Bugtraq mailing list archives
Re: Interim solution for ps
From: kirby () COSMIC UGA EDU (Steven Kirby)
Date: Tue, 20 May 1997 00:45:17 -0400
Here's a generic wrapper I've written that you can use as an interim solution for wrapping /usr/bin/ps and /usr/ucb/ps. (/usr/ucb/ps looks to be similarly vulnerable.) The code is fairly well documented IMHO, and should be adaptable enough to wrap just about any program.
I'll have to look at this more closely in the morning, but I suspect you may have reinvented the wheel. (Though, at first glance, it looks like a *really* nice wheel! :-)) The folks at AUSCERT released a generic wrapper program to handle buffer overflow problems a while back. It's available from: ftp://ftp.auscert.org.au/pub/auscert/tools/overflow_wrapper.c It's been the answer to more than one advisory that began "Due to insufficient bounds checking... "). --steve It's not what you know, but what you think of in time. Steven Kirby University of Georgia kirby () cosmic uga edu
Current thread:
- Reminder for irix ppl Nafees Bin Zafar (May 14)
- Re: Reminder for irix ppl Mike Neuman (May 15)
- Vulnerability in Elm-ME+ John Goerzen (May 15)
- Re: Vulnerability in Elm-ME+ Kari E. Hurtta (May 17)
- Finally, most of an exploit for Solaris 2.5.1's ps. Joe Zbiciak (May 17)
- Re: Finally, most of an exploit for Solaris 2.5.1's ps. Adam Morrison (May 19)
- Re: Finally, most of an exploit for Solaris 2.5.1's ps. Joe Zbiciak (May 19)
- Interim solution for ps Joe Zbiciak (May 19)
- Re: Interim solution for ps Steven Kirby (May 19)
- The rest of the exploit is here! Solaris 2.5.1 ps! Joe Zbiciak (May 18)