Bugtraq mailing list archives

Re: top format string bug exploit code (exploitable)


From: David Brownlee <abs () formula1 com>
Date: Wed, 25 Jul 2001 17:18:42 +0100 (BST)

On Wed, 25 Jul 2001, SeungHyun Seo wrote:

It still seems to be affected under 3.5beta9 (including this version)
someone said it's not the problem of exploitable vulnerability about 8 months ago,
but it's possible to exploit though situation is difficult.
following code and some procedure comments demonstrate it.

possible to get kmem privilege in the XXXXBSD which is still not patched,
possible to get root privilege in Solaris.

        As regards NetBSD: I don't know about earlier versions, but 1.5
        and later will be safe from this (or any other top exploit) as
        the binary is not setid.

-- 
                David/absolute          abs () formula1 com



