Full Disclosure mailing list archives
RE: No Subject (re: openssh exploit code?)
From: "V.O." <vosipov () tpg com au>
Date: Wed, 22 Oct 2003 10:21:56 +1000
These paragraphs do more to convince me that the exploit is possible than all the rest of the flame war put together. Thanks, both of you.
does anybody need a refresher on heap overflows? :) http://vg.rstack.org/download/l01/bof.pdf (2002 btw) chapter 3 and 3.6 in particular. and of course there is Greg Hoglunds blackhat 2000 paper, but it does not deal much with heap overwrites, just function pointers. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: No Subject (re: openssh exploit code?), (continued)
- RE: No Subject (re: openssh exploit code?) Bassett, Mark (Oct 21)
- Re: No Subject (re: openssh exploit code?) Richard Massa (Oct 21)
- RE: No Subject (re: openssh exploit code?) Ron DuFresne (Oct 22)
- No Subject (re: openssh exploit code?) mitch_hurrison (Oct 21)
- Re: No Subject (re: openssh exploit code?) Dan Wilder (Oct 21)
- Re: No Subject (re: openssh exploit code?) Helmut Springer (Oct 23)
- RE: No Subject (re: openssh exploit code?) Robert Ahnemann (Oct 21)
- RE: No Subject (re: openssh exploit code?) Robert Ahnemann (Oct 21)
- RE: No Subject (re: openssh exploit code?) Robert Ahnemann (Oct 21)
- RE: No Subject (re: openssh exploit code?) Montana Tenor (Oct 21)
- RE: No Subject (re: openssh exploit code?) V.O. (Oct 21)
- Re: No Subject (re: openssh exploit code?) Kenneth R. van Wyk (Oct 21)
- RE: No Subject (re: openssh exploit code?) Montana Tenor (Oct 21)
- RE: No Subject (re: openssh exploit code?) Schmehl, Paul L (Oct 21)
- RE: No Subject (re: openssh exploit code?) Generated by a PseudoRandom Number Generator (Oct 21)
- RE: No Subject (re: openssh exploit code?) Bassett, Mark (Oct 21)