Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

Re: Vi buffer overflow
From: Jose Nazario <jose () biocserver BIOC cwru edu>
Date: Thu, 8 Nov 2001 22:31:18 -0500 (EST)
On Tue, 6 Nov 2001, KF wrote:


Not sure how big of a deal either of these are due to the fact that
they are not suid... any thoughts?


can you force a filename that is arbitrarily input from a user to someone
with higher or other privilidges? can you target this? that would make in
interesting.

____________________________
jose nazario                                                 jose () cwru edu
                     PGP: 89 B0 81 DA 5B FD 7E 00  99 C3 B2 CD 48 A0 07 80
                                       PGP key ID 0xFD37F4E5 (pgp.mit.edu)

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]