Remote Exploit test fail

From: Minchu Mo (
Date: 10/25/01

Date: 25 Oct 2001 14:02:51 -0000
Message-ID: <>
From: Minchu Mo <>
Subject: Remote Exploit test fail

('binary' encoding is not supported, stored as-is) Mailer: SecurityFocus

I am testing a remote buffer overflow exploit on
sparcV9/solaris7 machine. The buffer overflow
happen in stack but jump to the hacking code resides
in heap. The hacking code is borrowed from lsp-pl
site ( findsock and shellcode).

When I traced the vulnerable server using adb, I can
see the control was transfered into the hacking code,
and spawn a shell and then failed with code dump
after shell spawning. But if I let the server run freely
without control from adb, the server seem to immune
to the attack and continue running.

My question is:
1.why the server behavior differently in adb and
2. Whether the heap allow the code be executed from
3. Or some other things prevent overflow happen