lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Thu, 3 Apr 2003 21:55:25 -0800
From: Dragos Ruiu <dr@....net>
To: "dong-h0un U" <xploit@...kermail.com>, bugtraq@...urityfocus.com
Subject: Re: passlogd sniffer remote buffer overflow root exploit.


On April 3, 2003 08:24 am, dong-h0un U wrote:
> Hello.
>
> Exploit confirmed possible truth in OpenBSD.
> But, I did not exploit.
> Also, did not test in RedHat 8.0.
...
> /*
> **
> ** [*] Title: Remote Multiple Buffer Overflow vulnerability in passlogd
> sniffer. ** [+] Exploit code: 0x82-Remote.passlogd_sniff.xpl.c
...

I'm a little unclear on the meaning of "truth" here, but
ProPolice will stop this exploit from working on OpenBSD 3.3 or
-current/cvs.

etoh++ :-)

cheers,
--dr

-- 
pgpkey http://dragos.com/ kyxpgp   -- http://cansecwest.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ