Home page logo

pen-test logo Penetration Testing mailing list archives

Format String Vulnerabilities
From: "Mike Gibson" <micheal.gibson () gmail com>
Date: Fri, 18 May 2007 14:22:05 -0400


I have a custom application that I am using to learn a little more
about format string vulnerabilities. It is basically an echo server. I
have been able to exploit the vulnerability and write data to memory
on the server however the problem I am seeing is that I want to
overwrite EIP but every time the application runs the stack seems to
be at a different location.

Does anyone know if Red Hat 9 has any form of stack protection? If so
is there a way to disable it?


This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]