Bugtraq mailing list archives

Re: dump buffer overflow
From: lamagra () HACKERMAIL NET (Lamagra Argamal)
Date: Tue, 7 Mar 2000 21:14:32 -0000

On FreeBSD, dump has the same hole I described in my previous post. Only it is exploitable :-)
Dump with Kerberos has __atexit and __cleanup after all the other variables on the heap. By overwriting these variables
you can start your shellcode.

Most of the credits should go to zen-parse who found and tested this.


Greets to lurux, grue, typo, jolt-freak.

