Date: Wed, 1 Jul 1998 09:22:58 +0200 (MET DST) From: Michal Kopijasz <michalk@Eleet.iele.polsl.gliwice.pl> To: freebsd-security@FreeBSD.ORG Subject: Re: xlock Message-ID: <Pine.LNX.3.95.980701092105.10736C-100000@Eleet.iele.polsl.gliwice.pl> In-Reply-To: <19980629092005.33214@gil.physik.rwth-aachen.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 29 Jun 1998, Christoph Kukulies wrote: > On Mon, Jun 29, 1998 at 08:58:02AM +0200, Thomas Gellekum wrote: > > Christoph Kukulies <kuku@gilberto.physik.RWTH-Aachen.DE> writes: > > > > > Alarmed by recent buffer overflow attacks on Linux machines in > > > my vicinity (an exploit for this is available) I thought about > > > xlock under FreeBSD and would like to know whether the > > > security hole has been sorted out under FreeBSD 2.2.x or what > > > measures are advised to prevent it. > > > > Could you tell more about this? > > /* x86 XLOCK overflow exploit > by cesaro@0wned.org 4/17/97 > > Original exploit framework - lpr exploit > > Usage: make xlock-exploit > xlock-exploit <optional_offset> > > Assumptions: xlock is suid root, and installed in /usr/X11/bin > */ > > [complete xploit can be sent on demand] do You can send me? thanks Michal; ircNET: mkm ;icq:UIN 14202913; http://elf.univ.waw.pl/~znachor traceroute to siemianowice.sl.pl mailto: mordownia@50.ml.org "Albo znajdziemy droge, albo ja zbudujemy" Hannibal To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.3.95.980701092105.10736C-100000>