Bugtraq mailing list archives
Re: passlogd sniffer remote buffer overflow root exploit.
From: Dragos Ruiu <dr () kyx net>
Date: Thu, 3 Apr 2003 21:55:25 -0800
On April 3, 2003 08:24 am, dong-h0un U wrote:
Hello. Exploit confirmed possible truth in OpenBSD. But, I did not exploit. Also, did not test in RedHat 8.0.
...
/* ** ** [*] Title: Remote Multiple Buffer Overflow vulnerability in passlogd sniffer. ** [+] Exploit code: 0x82-Remote.passlogd_sniff.xpl.c
... I'm a little unclear on the meaning of "truth" here, but ProPolice will stop this exploit from working on OpenBSD 3.3 or -current/cvs. etoh++ :-) cheers, --dr -- pgpkey http://dragos.com/ kyxpgp -- http://cansecwest.com
Current thread:
- passlogd sniffer remote buffer overflow root exploit. dong-h0un U (Apr 03)
- Re: passlogd sniffer remote buffer overflow root exploit. Dragos Ruiu (Apr 04)