[24206] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: [Global InterSec 2002012101] DeleGate Application Proxy - Multiple Vulnerabilities

daemon@ATHENA.MIT.EDU (KOJIMA Hajime)
Fri Feb 8 18:05:02 2002

From: kjm@rins.ryukoku.ac.jp (KOJIMA Hajime)
To: bugtraq@securityfocus.com, research@globalintersec.com
In-reply-to: Your message of "Thu, 07 Feb 2002 21:59:10 PST"
In-reply-to: <017801c1b065$ba68f270$0b01a8c0@tomh61ib59mm58>
Date: Fri, 08 Feb 2002 17:16:51 +0900
Message-ID: <52768.1013156211@ideon.st.ryukoku.ac.jp>

In <017801c1b065$ba68f270$0b01a8c0@tomh61ib59mm58>,
"Global InterSec Research" wrote:
| 
|   As with many of the vulnerabilities in DeleGate, a SIGSEGV occurs
|   when attempting to strcpy() unexpectedly long strings.
|   In spite of attempts DeleGate makes to randomise the stack, we
|   were successful in overwriting the Extended instruction pointer.
|   Although the stack randomisation functions make things harder, they
|   do not make arbitrary command execution impossible.

  And, delegate has execve(2) trap (-Tx).  Can you break it?

- kjm


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[24206] in bugtraq

Re: [Global InterSec 2002012101] DeleGate Application Proxy - Multiple Vulnerabilities

daemon@ATHENA.MIT.EDU (KOJIMA Hajime)Fri Feb 8 18:05:02 2002

daemon@ATHENA.MIT.EDU (KOJIMA Hajime)
Fri Feb 8 18:05:02 2002