Penetration Testing mailing list archives

Re: Format String Vulnerabilities


From: Pranay Kanwar <warl0ck () metaeye org>
Date: Sat, 19 May 2007 02:32:58 +0530

Hi,

RedHat 9 does not have any protection enabled
in the default installation (I am even sure it does not exist).
As I recall, RedHat 9 shipped with kernel 2.4.20 and it does
not have any stack protection by default.

Also, it may be possible the kernel has been patched with
the Grsecurity patch or Openwall's patch.

Also, it would be beneficial if you took a look at scut's paper
on exploiting format string vulnerabilities and LSD's discussion
of the IRIX telnet daemon exploit.

regards,

warl0ck // MSG
http://www.metaeye.org

