Home page logo
/

bugtraq logo Bugtraq mailing list archives

Buffer Overflows exploit for SunOS 4.1.4
From: tarreau () AEMIAIF LIP6 FR (Willy TARREAU)
Date: Tue, 8 Jul 1997 17:11:40 +0200


Hello,

   about one month ago, I posted here a generic exploit for buffer
overflows on SunOS 4. I didn't find a real bug which could be exploited in
a standard application so my exploit applied only to my own programs.

Now, I succeeded in getting a root shell using the X11 ressource manager
bug ('xterm -xrm xxxxxxxxxxxxxxxxxxx...xxxxxxxxx'), which isn't new, but
demonstrates that my exploit really works.

As I saw, there aren't many buffer overflow exploits for SunOS, perhaps
because of some complications.

My package includes a script which can automatically try several stack
offsets, which could be useful when testing a wrapper in development.

You can retrieve this on my web page:

        http://www-miaif.lip6.fr/willy/security/sunos.html

Hope this can help somebody...

Willy Tarreau
--
+---------------+------------------------+----------------------------------+
| Willy Tarreau | tarreau () aemiaif lip6 fr | http://www-miaif.lip6.fr/willy/ |
| Magistere d'Informatique Appliquee de l'Ile de France (MIAIF), promo 97   |
| DEA  A.S.I.M.E. |  Universite Pierre et Marie Curie (Paris 6), FRANCE     |
+-----------------+---------------------------------------------------------+



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]