On Thu, Apr 05, 2001 at 10:56:45PM -0500, Stephen Clouse wrote: > Having no effect on ntp-4.0.99k compiled from official source on Slackware > 7.0. Exploit says /tmp/sh was spawned but it never actually runs (/bin/bash > mode didn't change). As I said, exploiting this overflow isn't so easy -- offset and align values vary from platform to platform. Exploit was tested only on bare RedHat 7.0 and FreeBSD 4.2-STABLE compiled with -O6 -fomit-frame-pointer -march=pentiumpro. Did your ntpd segfaulted after running an exploit? -- * Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NIC-HDL: PMF9-RIPE * * Inet: [EMAIL PROTECTED] ** PGP: D48684904685DF43EA93AFA13BE170BF *
- Re: ntpd =< 4.0.99k remote buffer... Bruce A. Mah
- Re: ntpd =< 4.0.99k remote buffer over... Gary E. Miller
- Re: ntpd =< 4.0.99k remote buffer... William D. Colburn (aka Schlake)
- Re: ntpd =< 4.0.99k remote buffer over... Charles Sprickman
- Re: ntpd =< 4.0.99k remote buffer... Jan Kluka
- Re: ntpd =< 4.0.99k remote buffer... Crist Clark
- Re: ntpd =< 4.0.99k remote buffer... Athanasius
- Re: ntpd =< 4.0.99k remote buffer over... Klaus Steden
- Re: ntpd =< 4.0.99k remote buffer over... Stephen Clouse
- Re: ntpd =< 4.0.99k remote buffer... Dick St.Peters
- Re: ntpd =< 4.0.99k remote buffer... Przemyslaw Frasunek
- Re: ntpd =< 4.0.99k remote bu... Stephen Clouse
- Re: ntpd =< 4.0.99k remote buffer over... Rex Sanders
- Re: ntpd =< 4.0.99k remote buffer over... Viraj Alankar
- ntpd - new Debian 2.2 (potato) versi... Daniel Kiper
- Re: ntpd =< 4.0.99k remote buffer over... Ogle Ron (Rennes)
- Re: ntpd =< 4.0.99k remote buffer... Erik Fichtner
- Re: ntpd =< 4.0.99k remote buffer... Erik Fichtner
- Re: ntpd =< 4.0.99k remote bu... Maciej W. Rozycki
- Re: ntpd =< 4.0.99k remote buffer... Chris Faulhaber
- Re: ntpd =< 4.0.99k remote buffer over... Durval Menezes