Re: Format String Vulnerabilities

From: Pranay Kanwar (warl0ck@metaeye.org)
Date: Fri May 18 2007 - 17:02:58 EDT


Hi,

RedHat 9 does not have any protection enabled
in the default installation (I am even sure it does not exist).
As I recall, RedHat 9 shipped with kernel 2.4.20 and it does
not have any stack protection by default.

Also, it may be possible the kernel has been patched with
the Grsecurity patch or Openwall's patch.

Also, it would be beneficial if you took a look at scut's paper
on exploiting format string vulnerabilities and LSD's discussion
of the IRIX telnet daemon exploit.

regards,

warl0ck // MSG
http://www.metaeye.org


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:48 EDT