Bugtraq mailing list archives

Re: passlogd sniffer remote buffer overflow root exploit.

From: Dragos Ruiu <dr () kyx net>
Date: Thu, 3 Apr 2003 21:55:25 -0800

On April 3, 2003 08:24 am, dong-h0un U wrote:

Hello.

Exploit confirmed possible truth in OpenBSD.
But, I did not exploit.
Also, did not test in RedHat 8.0.

...

/*
**
** [*] Title: Remote Multiple Buffer Overflow vulnerability in passlogd
sniffer. ** [+] Exploit code: 0x82-Remote.passlogd_sniff.xpl.c

...

I'm a little unclear on the meaning of "truth" here, but
ProPolice will stop this exploit from working on OpenBSD 3.3 or
-current/cvs.

etoh++ :-)

cheers,
--dr

-- 
pgpkey http://dragos.com/ kyxpgp   -- http://cansecwest.com

Current thread:

passlogd sniffer remote buffer overflow root exploit. dong-h0un U (Apr 03)
- Re: passlogd sniffer remote buffer overflow root exploit. Dragos Ruiu (Apr 04)