|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: Exploiting overflow of heap-based buffers
From: Pavel Kankovsky (peak
argo.troja.mff.cuni.cz)Date: Wed May 24 2000 - 03:25:19 CDT
- Next message: typoinferno.tusculum.edu: "Re: Exploiting overflow of heap-based buffers"
- Previous message: Solar Designer: "Re: Exploiting overflow of heap-based buffers"
- In reply to: Steve Beattie: "Re: Exploiting overflow of heap-based buffers"
- Next in thread: Solar Designer: "Re: Exploiting overflow of heap-based buffers"
- Reply: Pavel Kankovsky: "Re: Exploiting overflow of heap-based buffers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Tue, 23 May 2000, Steve Beattie wrote:
> Pavel Kankovsky posted an exploit of suidperl to bugtraq on Nov 13 1997,
> see kerberos.troja.mff.cuni.cz">http://www.securityfocus.com/templates/archive.pike?list=1&date=1997-11-8&msg=Pine.LNX.3.95.971113162510.3729B-100000kerberos.troja.mff.cuni.cz
> That one in particular overwrites a setjmp/longjmp buffer on the heap.
No. Both the text buffer and the "jump buffer" were static variables.
--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."
- Next message: typoinferno.tusculum.edu: "Re: Exploiting overflow of heap-based buffers"
- Previous message: Solar Designer: "Re: Exploiting overflow of heap-based buffers"
- In reply to: Steve Beattie: "Re: Exploiting overflow of heap-based buffers"
- Next in thread: Solar Designer: "Re: Exploiting overflow of heap-based buffers"
- Reply: Pavel Kankovsky: "Re: Exploiting overflow of heap-based buffers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]