Back to list
Exploit for traceroute-nanog overflow
Nov 29 2002 05:49PM
Carl Livitt (carl learningshophull co uk)
Attached is a working proof-of-concept exploit for the traceroute-nanog local
root hole. It works on SuSE 7.x/8.0 and maybe others too.
It includes detailed information on where the vulnerability lies in the source
code, problems in exploitation and solutions to those problems.
It also highlights _another_ possible vulnerability in the form of a heap
overflow (not yet researched).
[ reply ]
Copyright 2010, SecurityFocus