On Thu, Jun 23, 2011 at 07:43:04AM +0200, Henri Doreau wrote:
2011/6/23 Djalal Harouni <tixxdz () opendz org>:
The script was tested against Ubuntu and Debian. x86 architectures were
exploited successfully. On x86_64 the smtpd child will be killed, but
the script can detect this and report it.
I think that this behavior we observed on a x86_64 system is actually
due to anti-exploitation mechanisms instead of the CPU architecture.
To be confirmed though.
Yes, from the logs glibc detects that this is an invalid pointer, and
aborts the munmap operation, glibc includes by default heap protections.
On x86_64 the size of variables and structures also count.
I'll update that statement to: "can exploit or detect that the smtpd was