Bugtraq mailing list archives
Re: top format string bug exploit code (exploitable)
From: Joe Warren-Meeks <joe () hole-in-the net>
Date: Fri, 27 Jul 2001 11:45:13 +0100
On Wed, Jul 25, 2001 at 05:18:42PM +0100, David Brownlee scribed:
possible to get kmem priviledge in the XXXXBSD which is still not patched, possible to get root priviledge in solaris .As regards NetBSD: I don't know about earlier versions, but 1.5 and later will be safe from this (or any other top exploit) as the binary is not setid.
joe@black:/home/joe $ uname -a OpenBSD black 2.9 Black#0 i386 joe@black:/home/joe $ ls -las /usr/bin/top 36 -r-xr-xr-x 1 root bin 36864 Jun 23 16:41 /usr/bin/top joe@black:/home/joe $ -- joe.
Current thread:
- top format string bug exploit code (exploitable) SeungHyun Seo (Jul 25)
- Re: top format string bug exploit code (exploitable) David Brownlee (Jul 25)
- Re: top format string bug exploit code (exploitable) Joe Warren-Meeks (Jul 27)
- Re: top format string bug exploit code (exploitable) Przemyslaw Frasunek (Jul 25)
- Re: top format string bug exploit code (exploitable) Lupe Christoph (Jul 26)
- Re: top format string bug exploit code (exploitable) David Brownlee (Jul 25)