FreeBSD System Call Signed Integer Buffer Overflow Vulnerability

From: omegatron@hushmail.com
Date: 08/23/02

Previous message: Peter Gutmann: "Re: exploiting printers, home routers & smb routers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 22 Aug 2002 18:59:13 -0700
To: vuln-dev@securityfocus.com
From: omegatron@hushmail.com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

Has anyone tried exploiting the vulnerable system calls for this hole?

Non-programmer type looking for proof of concept exploit code for this hole. Would like to provide customers with code to test for this hole. Appears this can be exploited to obtain root privs?

Please see for vulnerability info:

http://online.securityfocus.com/bid/5493

Any help/code would be appreciated.

-----BEGIN PGP SIGNATURE-----
Version: Hush 2.1
Note: This signature can be verified at https://www.hushtools.com

wl4EARECAB4FAj1llfEXHG9tZWdhdHJvbkBodXNobWFpbC5jb20ACgkQYPShwwsH0MKF
QQCgmwLRFVBr/GHKT1q60alfARLG/oEAn0aFl35uq4/eTjxv0XyAAOF7RYlB
=qPjn
-----END PGP SIGNATURE-----

Get your free encrypted email at https://www.hushmail.com

Previous message: Peter Gutmann: "Re: exploiting printers, home routers & smb routers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

FW: HEADS UP: Security Alert For Apache / PHP Webservers
... fixing on almost all FreeBSD/apache/php servers. ... > lists about methods & tools for exploiting the hole. ... > arbitrary code on the victim's system. ...
(FreeBSD-Security)
Re: [Full-disclosure] Re: Microsoft to give holes info to Uncle Samfirst
... Cambridge security researcher Ross Anderson says in his paper "Security ... in Open versus Closed Systems - The Dance of Boltzmann, ... patches once outsiders start exploiting the hole too. ...
(Full-Disclosure)
Re: Unfortunate dynamic linking for everything
... >> The additional hole of exploiting the system through the shared libs ... >> is a negative tradeoff. ...
(freebsd-current)