From owner-freebsd-security  Wed Mar 13 04:32:44 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id EAA27000
          for security-outgoing; Wed, 13 Mar 1996 04:32:44 -0800 (PST)
Received: from nervosa.com (root@nervosa.com [192.187.228.86])
          by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id EAA26995
          for <security@freebsd.org>; Wed, 13 Mar 1996 04:32:41 -0800 (PST)
Received: from nervosa.com (coredump@onyx.nervosa.com [10.0.0.1]) by nervosa.com (8.7.5/nervosa.com.2) with SMTP id EAA10737; Wed, 13 Mar 1996 04:32:32 -0800 (PST)
Date: Wed, 13 Mar 1996 04:32:23 -0800 (PST)
From: invalid opcode <coredump@nervosa.com>
To: Nathan Lawson <nlawson@kdat.csc.calpoly.edu>
cc: security@freebsd.org
Subject: Re: CA-95:14
In-Reply-To: <199603131122.DAA10184@kdat.calpoly.edu>
Message-ID: <Pine.BSF.3.91.960313043129.9067A-100000@nervosa.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

On Wed, 13 Mar 1996, Nathan Lawson wrote:

> > Sorry, my mistake. It appears that it is still present in -release, but 
> > i've tried to exploit it here and no luck.
> 
> It's easy to exploit.  Create your own shared library (man ld if you don't 

I did that. No go. I'll try again.

> As for doing a strings on telnet and grepping for LD, that is an utter 
> misunderstanding of the problem.  The problem isn't in telnet, strings wouldn't
> Nate Lawson  \Yeah, I was dreaming through the 'howzlife', yawning, car black, 

I said I was wrong the first time, and that I intended to grep in telnetd 
and not telnet.

== Chris Layne =============================================================
== coredump@nervosa.com ================ http://www.nervosa.com/~coredump ==