Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Vulnerability Development: Re: core dump on mingetty and getty

Re: core dump on mingetty and getty

From: KF <dotslash_at_snosoft.com>
Date: Mon, 03 Dec 2001 17:21:21 -0500

Why do we care... because I am joe schmoe_cant_code_a_lick_of_c and I
make retarded mistakes
in my code. (Stupid examples follow).
#include <stdio.h>
void main(int *argc, char **argv)
{
        char *runme[2];
        setuid(0);
        setgid(0);
        runme[0] = argv[1];
        runme[1] = 0;
        execve("/sbin/getty", runme, 0);
}

For that matter...m4 is a userland non-privileged level program ... yet
it led to a man exploit.
Flames > /dev/null ... comments welcome.

-KF

fish stiqz wrote:
>
> My question.. why do we care if a userland non-privileged program has
> a trivial buffer overflow vulnerability? This seems like a complete
> waste of time. Who cares???!?!?!
>
> --
> fish stiqz <fish_at_synnergy.net>
> Synnergy Networks: http://www.synnergy.net/
Received on Dec 03 2001

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos