lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20040613082800.7fa28280@krankor.localdomain>
Date: Sun, 13 Jun 2004 08:28:00 +0200
From: Denis Solaro <dsolaro@...enet.de>
To: bugtraq@...urityfocus.com
Subject: Re: Mkdir exploit for PDP-11 doesn't work


On Wed, 9 Jun 2004 18:36:31 -0400 (EDT)
Jonathan S <js@...llo.gti.net> wrote:

> Tim Newsham is right that there is an overflow present, but his exploit
> doesn't work (for me - it may work fine on his PDP-11 or emu).  A bus
> error is what happens, which is a good sign that the return address needs
> to be changed.  It sucks that there aren't very many tools in UnixV7,
> including text editors.
> 
> Here's the log of me executing the code he posted (I'll probably have it
> fixed so it works in 5 minutes, with any luck):

This could be induced by a bad grounding of the main console.  It happened to me
a few times when I've touched on of the panels.  You get a slight jolt and then
a few error messages when the hard drive unit is activated.  This is slightly
annoying but doesn't lead to a real security problem for the PDP-11. 
In my case Apache crashes, but I didn't find any proofs of any files tempered
with. 



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ