Vulnerability Development mailing list archives
Re: ddd smashed
From: Pavel Kankovsky <peak () argo troja mff cuni cz>
Date: Wed, 16 Jan 2002 17:53:24 +0100 (MET)
On 16 Jan 2002, l0rt wrote:
Why would anyone want to do it? None the less it is still a problem/bug that should be fixed. If you choose to be ignorant and assume that people do not do stupid things then please do not try to force that on me.
What I want to say is that this bug is irrelevant from the security POV because the mere fact you allow someone to start debugger as, say, root, gives the user in question full control over the superuser (do you know there is a "shell" command in gdb) and there is no need to exploit buffer overflows in ddd. --Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ] "Resistance is futile. Open your source code and prepare for assimilation."
Current thread:
- ddd smashed l0rt (Jan 15)
- Re: ddd smashed Pavel Kankovsky (Jan 16)
- Re: ddd smashed l0rt (Jan 16)
- Re: ddd smashed Pavel Kankovsky (Jan 16)
- Re: ddd smashed l0rtamus Prime (Jan 16)
- Re: ddd smashed l0rt (Jan 16)
- Re: ddd smashed Pavel Kankovsky (Jan 16)