Re: iDEFENSE Security Advisory 09.26.2002: Exploitable Buffer Overflow in gv
From: Boris Veytsman (borisv@lk.net)
Date: 09/26/02
- Previous message: David Endler: "Errata: iDEFENSE Security Advisory 09.26.2002: Exploitable Buffer Overflow in gv"
- In reply to: David Endler: "iDEFENSE Security Advisory 09.26.2002: Exploitable Buffer Overflow in gv"
- Next in thread: David Endler: "RE: iDEFENSE Security Advisory 09.26.2002: Exploitable Buffer Overflow in gv"
Date: Thu, 26 Sep 2002 13:44:56 -0400
From: Boris Veytsman <borisv@lk.net>
To: bugtraq@securityfocus.com
> From: David Endler <dendler@idefense.com>
> Date: Thu, 26 Sep 2002 08:58:48 -0600 (MDT)
>
> A proof of concept exploit for Red Hat Linux designed by zen-parse is
> attached to this message. It packages the overflow and shellcode in
> the "%%PageOrder:" section of the PDF.
>
> [root@victim]# ls -al /tmp/itworked
> /bin/ls: /tmp/itworked: No such file or directory
> [root@victim]# gv gv-exploit.pdf
> [root@victim]# ls -al /tmp/itworked
> -rw-r--r-- 1 root root 0 Aug 22 16:50 /tmp/itworked
> [root@victim]#
>
Does not work for me:
boris@reston-0491:~/convert$ gv -v
gv 3.5.8 (debian)
boris@reston-0491:~/convert$ gv gv-exploit.pdf
Segmentation fault
boris@reston-0491:~/convert$ ls -al /tmp/itworked
ls: /tmp/itworked: No such file or directory
--
Good luck
-Boris
By long-standing tradition, I take this opportunity to savage other designers in the thin disguise of good, clean fun. -- P.J. Plauger, "Computer Language", 1988, April Fool's column.