[4301] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Buffer overflow in sperl5.003

daemon@ATHENA.MIT.EDU (David Luyer)
Fri Apr 18 03:41:26 1997

Date: 	Fri, 18 Apr 1997 11:12:04 +0800
Reply-To: David Luyer <luyer@UCS.UWA.EDU.AU>
From: David Luyer <luyer@UCS.UWA.EDU.AU>
X-To:         Murphy <jtmurphy@CRAY1.ECST.CSUCHICO.EDU>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <Pine.LNX.3.96.970417140348.24662A-101000@cray1.ecst.csuchico.edu>

On Thu, 17 Apr 1997, Murphy wrote:
> Attached is the source for the exploit. Since it requires some work to
>be done to the compiled exploit (Stripping of 5 byte at the begining and
>end of the binary), the precompiled Linux x86 exploit can be found at
>http://www.ecst.csuchico.edu/~jtmurphy/localusers.html.

Note that the exploit tries offsets of 1170 to 1240.  Debian Linux with
sperl5.00307 requires a value of 1169 (and is vulnerable).

David.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[4301] in bugtraq

Re: Buffer overflow in sperl5.003

daemon@ATHENA.MIT.EDU (David Luyer)Fri Apr 18 03:41:26 1997

daemon@ATHENA.MIT.EDU (David Luyer)
Fri Apr 18 03:41:26 1997