Bugtraq mailing list archives
Re: rdist exploit [bsdi]
From: sysman () homer bus miami edu (System Manager)
Date: Sat, 13 Jul 1996 18:23:11 -0400
Confirmed on our FreeBSD 2.0.5-RELEASE box.

On Fri, 12 Jul 1996, jaeger wrote:

Here is a quick bsd/os (should work in freebsd too, I believe) exploitation script for the rdist buffer overflow vulnerability.

Confirmed for FreeBSD 2.1.0-RELEASE, 2.2-960501-SNAP and 2.2-960601-SNAP. Haven't tried it with the 2.1.5 release stream yet.

It did NOT work on a friend's FreeBSD 2.1.0-RELEASE box. I guess it depends on the configuration and if the admin has done any other patching.

The exploit must be compiled with no optimization or it throws off the hardcoded offsets. It indeed works on a 2.1.0-RELEASE machine. Verify that your friend's rdist is SUID and not a replacement package of some sort.

-jaeger