Bugtraq mailing list archives
Re: ADV/EXP:pic/lpd remote exploit - RH 7.0
From: iG0R <igor () bs volga ru>
Date: Mon, 30 Jul 2001 08:21:36 +0500
On 29 July 2001 13:57, you wrote:
It seems that some releases aren't affected. Can anyone confirm these ones: Mandrake 8 groff 1.16.1 RedHat 6.2 groff 1.15 ? I can confirm it works indeed on RedHat 5.2 and 6.1 (default distro).
Mandrake 8.0 are vulnerable with groff-1.16.1-7mdk and safe_address 0x8075fab 1: x/i $eip 0x805683c <strcpy+55720>: jmp *0x8066b50(,%edx,4) (gdb) 0x08056853 in strcpy () 1: x/i $eip 0x8056853 <strcpy+55743>: mov $0x1,%edx (gdb) 0x08056858 in strcpy () 1: x/i $eip 0x8056858 <strcpy+55748>: mov %edx,0x8075fac (gdb) 0x0805685e in strcpy () 1: x/i $eip 0x805685e <strcpy+55754>: jmp 0x8056975 <strcpy+56033> (gdb)
Current thread:
- ADV/EXP:pic/lpd remote exploit - RH 7.0 zen-parse (Jul 26)
- <Possible follow-ups>
- Re: ADV/EXP:pic/lpd remote exploit - RH 7.0 Marco Castelvecchio (Jul 29)
- Re: ADV/EXP:pic/lpd remote exploit - RH 7.0 iG0R (Jul 29)