|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Larry W. Cashdollar (lwc
VAPID.DHS.ORG)Date: Wed Feb 14 2001 - 12:14:59 CST
On Tue, 13 Feb 2001, enthhFLASH.NET wrote:
> two things. number one, i stated that you will most likely have to brute
> force the offset (make a bash/perl script to try running the exploit with
> different offsets) because i wrote it for my _slackware_ box, and number
> two, as stated before, ddate is NOT suid, therefore you will not recieve
> elevated privaledges (your id wont change).
>
This is correct, I wrote an exploit for Mandrake 7.2 myself (yes I was
bored too.) Since ddate is not setuid it is moot. If someone wants a
copy of my Mandrake exploit drop me an email.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]