|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[STX] Multiple Security Vulnerabilities
ace
static-x.org
Date: Thu Jul 03 2003 - 12:39:11 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Multiple files vulnerable to a buffer overflow:
-
gnuchess is an updated version of the GNU chess playing program. It has a
simple alpha-numeric board display, an IBM PC compatible interface, or it
can be compiled for use with the chesstool program on a SUN workstation or
with the xboard program under X-windows.
-
gnuan produces an analysis of a chess game. For each move it shows the
move, the score and the principle variation selected by gnuchess.
-
isdnrep reads the isdnlog log files, generates reports, does
statistics, and other things. It can also generate HTML output for use
with a web server.
; By default the above are not suid.
proof of concept code for the above can be found at:
http://www.static-x.org/hax.php?pwned=code
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]