Bugtraq mailing list archives

Another exploit for cfingerd <= 1.4.3-8


From: teleh0r <teleh0r () digit-labs org>
Date: Wed, 11 Jul 2001 20:19:19 +0200

Dear bugtraq readers,

This is another exploit for the flaw found by Steven Van Acker.
http://www.securityfocus.com/archive/1/192844

In order to allow for more nops, I have constructed the payload
like this:

<82 nops><jmp 0x4><retaddr><shellcode>

[teleh0r@localhost teleh0r]$ ./cfingerd-exploit.pl -s 1
Address: 0xbffff46c
Exploit attempt succeeded!
[teleh0r@localhost teleh0r]#

Tested against cfingerd 1.4.3-8.

Sincerely yours,
teleh0r
http://www.digit-labs.org/teleh0r/

Attachment: cfingerd-exploit.pl