|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Erik Fichtner (techs
OBFUSCATION.ORG)Date: Fri Apr 06 2001 - 21:36:22 CDT
On Fri, Apr 06, 2001 at 08:38:18AM -0300, Durval Menezes wrote:
> If it's really vulnerable, shouldn't it have at least dumped core?
Not necessarily. 4.0.99k on OpenBSD-2.8/i386 happily kept on chugging
when I poked it with this exploit (all three demo offset variants, btw),
and this is not any special magic "audited by OpenBSD" version of ntp or
anything like that. We know 4.0.99k is vulnerable, though.
--
Erik Fichtner; Unix Ronin
http://www.obfuscation.org/techs/
"The reasonable man adapts himself to the world; the unreasonable one
persists in trying to adapt the world to himself. Therefore, all progress
depends on the unreasonable." -- George Bernard Shaw
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org
iEYEARECAAYFAjrOfSUACgkQDf8awdbGHo2lowCgykFWNzUdJQS/ripEmpzsVmZG sgsAn2xUC7LiT53YwjrgT2BrEx7uxUF8 =3wsW -----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]