Re: [Full-Disclosure] Linux kernel brk() log reports

Valdis.Kletnieks_at_vt.edu
Date: 12/04/03

  • Next message: madsaxon: "RE: [Full-Disclosure] RE: Yahoo Instant Messenger YAUTO.DLL buffer overflow"
    To: David Hane <dlhane@sbcglobal.net>
    Date: Thu, 04 Dec 2003 17:46:17 -0500
    
    
    

    On Thu, 04 Dec 2003 12:49:47 PST, David Hane <dlhane@sbcglobal.net> said:
    > I am using logcheck to report unusual system events on several systems. I was
    > wondering if anyone could give me an example of a log message showing an
    > attempt to make use this exploit? I would like to put a sample in my
    > logcheck.hacking file.

    One of two things happens:

    1) The exploit works correctly. You probably don't get any log messages that
    logcheck can report.

    2) The exploit bombs. Your kernel OOPSes. Your logcheck should already be
    making note of OOPS and PANIC anyhow.

    
    

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html



  • Next message: madsaxon: "RE: [Full-Disclosure] RE: Yahoo Instant Messenger YAUTO.DLL buffer overflow"

    Relevant Pages