>
> Here is the source code for the c.c hack and I've attached another program
> called a.out (not sure what that program does) Any comments are greatly
> appreciated, David
>
The first program( The C source code ), exploits an stack overwrite in
glibc 2.x. There is an RPM update for that available at redhat.com.
Judging from the strings output of the second program ( the binary ), I am
going to guess that it is an exploit for a stack overwrite in the dip
program. This might be the old dip exploit from several years ago( if it
is, most systems nowadays won't be vulnerable to it ).
Dave
--- ---
David Goldsmith [EMAIL PROTECTED]
DEC Consulting http://www.dec.net
Software Development/Internet Security http://www.dec.net/~dhg
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com/RedHat-FAQ /RedHat-Errata /RedHat-Tips /mailing-lists
To unsubscribe: mail [EMAIL PROTECTED] with
"unsubscribe" as the Subject.
