Vulnerability Development
mailing list archives
Re: Must coredump? No. (Was: Local root through vuln...)
From: Daniel Jacobowitz <drow () FALSE ORG>
Date: Thu, 24 Aug 2000 09:57:26 -0700
On Thu, Aug 24, 2000 at 12:11:12AM +0200, Bluefish (P.Magnusson) wrote:
> My quote:
> Doesn't seem exploitable, but a bit funny :)
> is very relaxed and unspecific. Anyone saying "Doesn't seem exploitable"
> should certainly not be considered to have real research behind his words.
> "Seem" is a very weak word.
> What I meant was that all the testing I've done so far with traceroute has
> never once resulted in a coredump. Therefore I think, without strong
> research behind my words, that this specific bug never causes a
> buffer overflow. I also assumed traceroute to be written with such
> simplicity and logical behavior that there exists no condition where
> overwritten data can cause a problem.
In this case, I have a hunch that it -is- exploitable, actually. With
a little assistance from Nergal yesterday, I am very close to having it
written; I'll pound on it in my next free time.
It's a very silly bug.
Dan
/--------------------------------\ /--------------------------------\
| Daniel Jacobowitz |__| SCS Class of 2002 |
| Debian GNU/Linux Developer __ Carnegie Mellon University |
| dan () debian org | | dmj+ () andrew cmu edu |
\--------------------------------/ \--------------------------------/