Vulnerability Development mailing list archives
mysqld buffer overflow exploit development
From: rpc <h () ckz org>
Date: Fri, 19 Jan 2001 11:02:49 GMT
Guys,

After the specifics of the mysqld exploit were released to bugtraq, I began working on an exploit for linux. Has anyone confirmed that this is actually exploitable?

Granted I've only been hacking away at it for 15 minutes, but it seems there's a pretty strict character limitation. Can't jump into libc (no 0x40) nor the stack (no 0xbf). I was able to make it return into 0x80 space, but I don't know if there will be anything useful that's addressable.

--rpc