Vulnerability Development mailing list archives

Re: /usr/bin/ddate buffer overflow


From: "Larry W. Cashdollar" <lwc () VAPID DHS ORG>
Date: Wed, 14 Feb 2001 10:14:59 -0800

On Tue, 13 Feb 2001, enthh () FLASH NET wrote:

two things. number one, i stated that you will most likely have to brute
force the offset (make a bash/perl script to try running the exploit with
different offsets) because i wrote it for my _slackware_ box, and number
two, as stated before, ddate is NOT suid, therefore you will not receive
elevated privileges (your id won't change).


This is correct, I wrote an exploit for Mandrake 7.2 myself (yes I was
bored too.)  Since ddate is not setuid it is moot.  If someone wants a
copy of my Mandrake exploit drop me an email.

