NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Vuln-Dev> 2000-q3

Subject: Re: Local root through vulnerability in ping on linux.
From: geoff (geoffCARDBOARDTRANSMITTER.NET)
Date: Tue Aug 22 2000 - 20:44:25 CDT

Next message: Michal Zalewski: "Re: Local root through vulnerability in ping on linux."
Previous message: Dener Martins: "Re: Non-Mathmatical Forging of PKI Digital Certificates /Throwing Rocks at the PKI"
In reply to: Hue-Bond: "Re: Local root through vulnerability in ping on linux."
Next in thread: Bluefish (P.Magnusson): "Re: Local root through vulnerability in ping on linux."
Reply: geoff: "Re: Local root through vulnerability in ping on linux."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 21 Aug 2000 18:06:28 +0200, you wrote:

>El lunes 21 de agosto de 2000 a la(s) 10:26:34 +0200, Michal Zalewski contaba:
>>
>>What about 'traceroute -g 127.0.0.1 127.0.0.1' and other combinations
>>(depending on DNS entry and IP number representation, you can cause many
>>interesting memory dumps or some SEGVs on RH 6.2 Linux box and many other
>>boxes as well)?
>
> Yes, certainly. This is a Debian 2.2:
>
>$ /usr/sbin/traceroute -g 127.0.0.1 127.0.0.1
>traceroute to (127.0.0.1), 30 hops max, 46 byte packets
>traceroute: sendto: Argumento inválido
> 1 traceroute: wrote WUJ¡9å 46 _ =1
>
> After this, the chars in screen got scrambled as if you type
> ^V^N^M at the shell prompt. traceroute version 1.4a5-2 installed.
>
>
>>lcamtuftpi.pl

[geoffschubert geoff]$ uname -a
Linux schubert.nodecaf.com 2.2.14-15mdk #1 Tue Jan 4 22:24:20 CET 2000 i686
unknown
[geoffschubert geoff]$ /usr/sbin/traceroute -g 127.0.0.1 255.255.255.255
Segmentation fault
[geoffschubert geoff]$ /usr/sbin/traceroute -g 127.0.0.1 127.0.0.1
traceroute to (127.0.0.1), 30 hops max, 46 byte packets
traceroute: sendto: Invalid argument
1 traceroute: wrote %H

,£9×2
46 chars, ret=-1
*traceroute: sendto: Invalid argument
traceroute: wrote gE

,£9?4
46 chars, ret=-1

[geoffschubert geoff]$

----

[geoffdevweb geoff]$ uname -a Linux devweb.nodecaf.com 2.2.14-5.0 #1 Tue Mar 7 21:07:39 EST 2000 i686 unknown [geoffdevweb geoff]$ /usr/sbin/traceroute -g 127.0.0.1 255.255.255.255 Segmentation fault [geoffdevweb geoff]$ /usr/sbin/traceroute -g 127.0.0.1 127.0.0.1 traceroute to (127.0.0.1), 30 hops max, 46 byte packets traceroute: sendto: Invalid argument 1 traceroute: wrote R‚

Ò+£9ŒÚ 46 chars, ret=-1

[geoffdevweb geoff]$

-----

[geoffsnuggles geoff]$ uname -a FreeBSD snuggles.nodecaf.com 4.0-20000307-CURRENT FreeBSD 4.0-20000307-CURRENT #0: Wed Mar 8 00:14:33 GMT 2000 rootmonster.cdrom.com:/usr/src/sys/compile/GENERIC i386 [geoffsnuggles geoff]$ /usr/sbin/traceroute -g 127.0.0.1 127.0.0.1 traceroute to 127.0.0.1 (127.0.0.1), 30 hops max, 48 byte packets 1 * * * 2 * * * ^C [geoffsnuggles geoff]$ /usr/sbin/traceroute -g 127.0.0.1 255.255.255.255 traceroute to 255.255.255.255 (255.255.255.255), 30 hops max, 48 byte packets 1 * * * 2 * * * ^C [geoffsnuggles geoff]$

-----

-- geoff

A UI is about making the computer's power easy to exploit, not about making new users feel comfortable. -- http://slashdot.org/comments.pl?sid=00/08/18/1711210&cid=83

Next message: Michal Zalewski: "Re: Local root through vulnerability in ping on linux."
Previous message: Dener Martins: "Re: Non-Mathmatical Forging of PKI Digital Certificates /Throwing Rocks at the PKI"
In reply to: Hue-Bond: "Re: Local root through vulnerability in ping on linux."
Next in thread: Bluefish (P.Magnusson): "Re: Local root through vulnerability in ping on linux."
Reply: geoff: "Re: Local root through vulnerability in ping on linux."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]