Vulnerability Development mailing list archives
Re: buffer overflow question
From: Minchu Mo <morris_minchu () iwon com>
Date: 9 Dec 2001 03:49:07 -0000
In-Reply-To: <3C0DD8F0.1070208 () marshal-soft com> Forgive me for asking: what 's concept of the signals and ESOTERIC exploit, I don't have much clue when reading from http://community.corest.com/~gera/InsecureProgram ming/
Received: (qmail 16357 invoked from network); 5
Dec 2001 17:01:21 -0000
Received: from outgoing3.securityfocus.com
(HELO outgoing.securityfocus.com) (66.38.151.27)
by mail.securityfocus.com with SMTP; 5 Dec 2001
17:01:21 -0000
Received: from lists.securityfocus.com
(lists.securityfocus.com [66.38.151.19])
by outgoing.securityfocus.com (Postfix)
with QMQP
id 57D41A3105; Wed, 5 Dec 2001
09:32:18 -0700 (MST)
Mailing-List: contact vuln-dev-
help () securityfocus com; run by ezmlm
Precedence: bulk List-Id: <vuln-dev.list-id.securityfocus.com> List-Post: <mailto:vuln-dev () securityfocus com> List-Help: <mailto:vuln-dev-
help () securityfocus com>
List-Unsubscribe: <mailto:vuln-dev-
unsubscribe () securityfocus com>
List-Subscribe: <mailto:vuln-dev-
subscribe () securityfocus com>
Delivered-To: mailing list vuln-
dev () securityfocus com
Delivered-To: moderator for vuln-
dev () securityfocus com
Received: (qmail 3859 invoked from network); 5
Dec 2001 08:20:04 -0000
Message-ID: <3C0DD8F0.1070208@marshal-
soft.com>
Date: Wed, 05 Dec 2001 09:21:04 +0100 From: Marshal <marshal () marshal-soft com> User-Agent: Mozilla/5.0 (Windows; U; Win98; en-
US; rv:0.9.2) Gecko/20010726 Netscape6/6.1
X-Accept-Language: en-us MIME-Version: 1.0 To: =?ISO-8859-1?Q?Iv=E1n?= Arce
<core.lists.exploit-dev () core-sdi com>,
vuln-dev () security-focus com Subject: Re: buffer overflow question References:
<20011204225753.24101.qmail () mail com> <043901c17d29$04aef2f0$2e58a8c0@ffornicario>
Content-Type: text/plain; charset=ISO-8859-1;
format=flowed
Content-Transfer-Encoding: 8bit As long as i remember the format strings example
files on that page
aren't real format string vuln. but just ordinary buffer
overflows.
Iván Arce wrote:Hi generic if you are teaching yourself buffer overflowing i
highly
recommend that you go to http://community.corest.com/~gera/InsecureProgra
mming/
go though all the sample program and code an
exploit
for each one. its the best hand-ons learning i can
think of,
besides 'gera' is a coworker and a really cool
guy :0
-i ----- Original Message ----- From: *jnf <core.lists.exploit-dev () core-sdi com> Newsgroups: core.lists.exploit-dev To: <vuln-dev () securityfocus com> <security-basics () security-focus com> Sent: Tuesday, December 04, 2001 7:57 PM Subject: buffer overflow questionHello, I have a request about buffer overflows, I am teaching myself about them, more specifically how to reconize, code the exploit and fix the hole, what I would like to know is if anyone knows any local exploits for the linux os (x86) that would follow what one could consider to be a 'text-book- scenario of one, and if so could they foward me that information, it would be greatly appreciated thank you generic -- ________________________________________
_______
Sign-up for your own FREE Personalized E-mail
at Mail.com
http://www.mail.com/?sr=signup 1 cent a minute calls anywhere in the U.S.!http://www.getpennytalk.com/cgi-
bin/adforward.cgi?p_key=RG9853KJ&url=http://
www.getpennytalk.com--- for a personal reply use: =?iso-8859-1?Q?
Iv=E1n_Arce?= <ivan.arce () corest com>
Current thread:
- buffer overflow question *jnf (Dec 04)
- Re: buffer overflow question Iván Arce (Dec 04)
- Re: buffer overflow question Marshal (Dec 05)
- Re: buffer overflow question Gerardo Richarte (Dec 05)
- Re: buffer overflow question Marshal (Dec 05)
- Re: buffer overflow question Richard Masoner (Dec 05)
- RE: buffer overflow question Dr Anish.M (Dec 06)
- <Possible follow-ups>
- Re: buffer overflow question Minchu Mo (Dec 09)
- Re: Phpnuke Cross site scripting vulnerability (patch) supergate (Dec 09)
- Re: buffer overflow question Richard Masoner (Dec 10)
- Re: buffer overflow question Iván Arce (Dec 04)