Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: No Subject (re: openssh exploit code?)

From: Paul Schmehl <pauls () utdallas edu>
Date: Tue, 21 Oct 2003 00:02:19 -0500
--On Monday, October 20, 2003 5:19 PM -0700 "Gregory A. Gilliss" <ggilliss () netpublishing com> wrote: 


Hi,

Maybe I missed something here...


No, you didn't.


I'm an assembler jockey from BITD and I know a few things about alloc/
calloc/malloc and heaps and stacks etc. So what's the key, may I ask,
to this heap exploit that was the origin of this thread?
You're never going to find that out, Gregory, because mitch, our l33t code monkey, is keeping the code to himself. Now mind you, he *assures* us that it's easy to 'sploit, so we're just gonna have to take his word for it. 

But you'd better patch now, 'cause he's gunnin' for ya.

Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: