Bugtraq mailing list archives
Re: mtr-0.41 root exploit
From: R.E.Wolff () BITWIZARD NL (Rogier Wolff)
Date: Tue, 25 Apr 2000 23:41:15 +0200
[Elias, please approve either this one or the previous message that I sent, but not both. Of course, preferably this one, and not the other. Thanks. ] Hi Everyone, FYI, mtr-0.42 was released on march 4th, which fixes the mtr-oversight that allows this exploit to work. The actual bug (overflow) is in the Freebsd libncurses implementation. Back then we were confident that an exploit COULD be written, but decided not to wait until one would be written. Point proven. I would've appreciated the lesser "scare" when an accompanying note would've said that the bug was already fixed. Roger. -- ** R.E.Wolff () BitWizard nl ** http://www.BitWizard.nl/ ** +31-15-2137555 ** *-- BitWizard writes Linux device drivers for any device you may have! --* * Common sense is the collection of * ****** prejudices acquired by age eighteen. -- Albert Einstein ********
Current thread:
- Re: mtr-0.41 root exploit Rogier Wolff (Apr 25)
- Re: mtr-0.41 root exploit Kris Kennaway (Apr 25)