nanog mailing list archives
Nanog traceroute format string exploit. (fwd)
From: jeffrey arnold <jba () analogue net>
Date: Mon, 22 Jul 2002 23:58:35 -0400 (EDT)
This came through on bugtraq this afternoon. -jba __ [jba () analogue net] :: analogue.networks.nyc :: http://analogue.net ---------- Forwarded message ---------- Date: Sun, 21 Jul 2002 14:09:24 +0200 From: SpaceWalker <spacewalker () minithins net> To: bugtraq () securityfocus com Cc: vuln-dev () securityfocus com Subject: Nanog traceroute format string exploit. Hello, As the vulnerability has been published some weeks ago, and no working exploit has been released (the perl exploit was joke) I decided to release my private exploit. I do it only because -This exploit will never be used to haxor something because I never saw this traceroute used by default -This exploit find offsets "by the proper way" and doesn't place the target adresses in the format string. (and is interresting to study for beginners). Have phun, please don't haxor with it. SpaceWalker
Attachment:
tracerouteexp.tgz
Description:
Current thread:
- Nanog traceroute format string exploit. (fwd) jeffrey arnold (Jul 22)