| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20050126124250.GA19204@maya.vse.cz> From: janus at volny.cz (Honza Vlach) Subject: /usr/bin/trn local root exploit Who would install trn setuid anyway? Regards, Honza Vlach On Wed, Jan 26, 2005 at 07:05:27AM -0500, msh at datakill wrote: > From: msh at datakill <msh@...akill.us> > Date: Wed, 26 Jan 2005 07:05:27 -0500 > To: full-disclosure@...ts.netsys.com > Subject: Re: [Full-Disclosure] /usr/bin/trn local root exploit > > I just tested this on Slackware 10 and I get nothing but Segementation > Faults. I see that you have the RET value filled in, but how am I to > calculate what to use for the BOO? You use 142 and 128 in the example. -- -----BEGIN GEEK CODE BLOCK----- Version: 3.12 GIT/CS d- s: a-- C++++$ ULS++++$ P L+++ E--- W- N+ o? K? w-->--- O? M->+ V? PS PE Y++ PGP+++ !t 5? X++ R tv-- b++ DI+ D++ G+>+++ e h--- r++ y? ------END GEEK CODE BLOCK------ () ascii ribbon campaign - against html mail /\ - against microsoft attachments -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050126/a698bda4/attachment.bin
Powered by blists - more mailing lists