Date: Thu, 27 Mar 1997 08:05:35 -0700 From: Warner Losh <imp@village.org> To: proff@suburbia.net Cc: security@freebsd.org Subject: Re: FreeBSD-SA-97:02: Buffer overflow in lpd Message-ID: <E0wAGkB-00072F-00@rover.village.org> In-Reply-To: Your message of "Thu, 27 Mar 1997 09:48:29 %2B1100." <19970326224830.6053.qmail@suburbia.net> References: <19970326224830.6053.qmail@suburbia.net>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <19970326224830.6053.qmail@suburbia.net> proff@suburbia.net writes: : Writing exploit code using only alpha-numeric characters, "." and "-" might : be an interesting challenge. There have been reports in various lists that have exactly this kind of code, or at least pointers to this kind of code. Writing the egg for the buffer overflow is the hard part of this, but it has been done, at least for intel machines. Kinda scary. Then again, if you have the old ms-kermit program, look at boot.com. All printable characters and it does very useful things. While printable characters are a superset of a-zA-Z.-, there is no reason why you couldn't do it.... Warner
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E0wAGkB-00072F-00>