lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 9 Jun 2004 18:36:31 -0400 (EDT) From: Jonathan S <js@...llo.gti.net> To: bugtraq@...urityfocus.com Cc: da@...urityfocus.com Subject: Mkdir exploit for PDP-11 doesn't work Tim Newsham is right that there is an overflow present, but his exploit doesn't work (for me - it may work fine on his PDP-11 or emu). A bus error is what happens, which is a good sign that the return address needs to be changed. It sucks that there aren't very many tools in UnixV7, including text editors. Here's the log of me executing the code he posted (I'll probably have it fixed so it works in 5 minutes, with any luck): $ pwd /tmp $ ./id ruid=7 rgid=3 $ ./mkdir_exp mkdir: cannot access A.A.A.A.A.A.A.A.A.A.A.A.A.A.A.A.A.A.A.A.A.A.A.A.A.A.AeVB.Be x2 B.! C.!.D.a.!.!.; I.I.I.I.I./bin/shaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa ~/. Bus error - core dumped $ ./id ruid=7 rgid=3 $ Sincerely, Jonathan Stuart, CISSP js@....net (personal)
Powered by blists - more mailing lists