Date: Sun, 9 Feb 1997 15:27:14 -0800 (PST)
From: Steve Reid <steve@edmweb.com>
To: Marc Slemko <marcs@znep.com>
Cc: freebsd-security@FreeBSD.org
Subject: Re: buffer overruns
Message-ID: <Pine.LNX.3.95.970209144712.808A-100000@bitbucket>
In-Reply-To: <Pine.BSF.3.95.970209140207.11077I-100000@alive.ampr.ab.ca>

> > [snip] points it to a new piece of code you just inserted with the
> > overflow data.
>
> While that is currently one of the most popular methods of exploiting
> overflows, it is important to remember that is _not_ the only method;

IIRC, the RTM internet worm exploited an overflow in fingerd by
overwriting the filename string for the local finger program with
"/bin/sh", which caused it to execute a shell instead of a regular
finger. No return address manipulation was required.
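
Added illustration, not part of the original message and not fingerd's code: a small C model of the mechanism described above, where an unchecked copy into a request buffer runs into a neighbouring string naming the program to execute, shown beside a bounded copy that leaves it intact. The layout, the sizes, the path /usr/bin/finger and all function names are assumptions made for this example; nothing is actually executed.

```c
#include <stdio.h>
#include <string.h>

#define REQ_LEN   16                    /* size of the request buffer (assumed)   */
#define PATH_LEN  32                    /* size of the program-path slot (assumed) */
#define FINGER    "/usr/bin/finger"     /* assumed path, not taken from the post   */

/* One flat array models two neighbouring variables, so the overrun stays
 * inside a single object and the demo has defined behaviour. */
struct daemon_state { char mem[REQ_LEN + PATH_LEN]; };
#define REQ(s)   ((s)->mem)             /* bytes 0..15: request buffer   */
#define PROG(s)  ((s)->mem + REQ_LEN)   /* bytes 16..47: program to exec */

static void state_init(struct daemon_state *s) {
    memset(s->mem, 0, sizeof s->mem);
    strcpy(PROG(s), FINGER);
}

/* gets()-style copy: the length is set by the input, not by REQ_LEN.
 * Capped at the whole region only to keep this model well defined. */
static void read_unchecked(struct daemon_state *s, const char *in) {
    size_t n = strlen(in) + 1;
    if (n > sizeof s->mem) n = sizeof s->mem;
    memcpy(REQ(s), in, n);
    s->mem[sizeof s->mem - 1] = '\0';
}

/* Bounded copy: an over-long request is rejected and nothing is written. */
static int read_bounded(struct daemon_state *s, const char *in) {
    size_t n = strlen(in);
    if (n >= REQ_LEN) return -1;
    memcpy(REQ(s), in, n + 1);
    return 0;
}

/* 1 if the program path still holds its original value, else 0. */
static int prog_intact(const struct daemon_state *s) {
    return strcmp(s->mem + REQ_LEN, FINGER) == 0;
}

int main(void) {
    struct daemon_state s;
    const char *in = "AAAAAAAAAAAAAAAA/bin/sh";  /* constructed: 16 filler bytes + path */
    state_init(&s);
    read_unchecked(&s, in);
    printf("unchecked: would exec %s\n", PROG(&s));
    state_init(&s);
    printf("bounded:   rc=%d, would exec %s\n", read_bounded(&s, in), PROG(&s));
    return 0;
}
```

No return address is involved at any point, which is why defences aimed only at the saved return address do not cover this case; the length check on the copy does.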