Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 1 Jul 1998 09:22:58 +0200 (MET DST)
From:      Michal Kopijasz <michalk@Eleet.iele.polsl.gliwice.pl>
To:        freebsd-security@FreeBSD.ORG
Subject:   Re: xlock
Message-ID:  <Pine.LNX.3.95.980701092105.10736C-100000@Eleet.iele.polsl.gliwice.pl>
In-Reply-To: <19980629092005.33214@gil.physik.rwth-aachen.de>

next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 29 Jun 1998, Christoph Kukulies wrote:

> On Mon, Jun 29, 1998 at 08:58:02AM +0200, Thomas Gellekum wrote:
> > Christoph Kukulies <kuku@gilberto.physik.RWTH-Aachen.DE> writes:
> > 
> > > Alarmed by recent buffer overflow attacks on Linux machines in
> > > my vicinity (an exploit for this is available) I thought about
> > > xlock under FreeBSD and would like to know whether the
> > > security hole has been sorted out under FreeBSD 2.2.x or what
> > > measures are advised to prevent it.
> > 
> > Could you tell more about this?
> 
>  /* x86 XLOCK overflow exploit
>       by cesaro@0wned.org 4/17/97
> 
>       Original exploit framework - lpr exploit
> 
>       Usage: make xlock-exploit
>              xlock-exploit  <optional_offset>
> 
>       Assumptions: xlock is suid root, and installed in /usr/X11/bin
>   */
> 
> [complete xploit can be sent on demand]

do You can send me?

thanks

Michal; ircNET: mkm ;icq:UIN 14202913; http://elf.univ.waw.pl/~znachor
traceroute to siemianowice.sl.pl   mailto: mordownia@50.ml.org
"Albo znajdziemy droge, albo ja zbudujemy" Hannibal


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.3.95.980701092105.10736C-100000>