Re: Format String Vulnerabilities

To: Mike Gibson <micheal.gibson@gmail.com>
Subject: Re: Format String Vulnerabilities
From: Pranay Kanwar <warl0ck@metaeye.org>
Date: Sat, 19 May 2007 02:32:58 +0530
Cc: pen-test@securityfocus.com
Organization: Metaeye SG
Hi,

RedHat 9 does not have any protection enabled
in the default installation (I am even sure it does not exist).
As I recall, RedHat 9 shipped with kernel 2.4.20 and it does
not have any stack protection by default.

Also, it may be possible the kernel has been patched with
the Grsecurity patch or Openwall's patch.

Also, it would be beneficial if you took a look at scut's paper
on exploiting format string vulnerabilities and LSD's discussion
of the IRIX telnet daemon exploit.

regards,

warl0ck // MSG
http://www.metaeye.org

