lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <43A733D6.6080203@digitalmunition.com>
Date: Mon Dec 19 22:29:24 2005
From: kf_lists at digitalmunition.com (KF (lists))
Subject: Unzip *ALL* verisons ;))

Um... the point was that 3 years ago when I found this (or something 
similar)... the attached exploit worked just fine. I could give a rats 
ass less what you or anyone else does with it today. The bug was pretty 
much pointless to begin with anyway.

All these folks are talking about not being able to reproduce it... blah 
blah... well all I was saying was that I have seen a /bin/sh prompt 
produced via this issue.

I'll kindly remove my nose from your uber er33t understanding of this 
crucial unzip overflow.

-KF

>DVDMAN's code is pointless. Use the source, luke, and stop watching movies.....
>
>--
>
>regards
>c0ntex
>
>
>
>  
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ