[Full-disclosure] *BSD banner INT overflow vulnerability
Sean Comeau
scomeau at cansecwest.com
Wed Nov 22 12:50:10 GMT 2006
On Wed, Nov 22, 2006 at 12:25:46PM +0300, dead code crew wrote:
>
> %uname -sir
> FreeBSD 6.1-RELEASE GENERIC
> %gdb banner
> (gdb) r -w 17000000
> Program received signal SIGSEGV, Segmentation fault.
> 0x01010101 in ?? ()
>
This doesn't crash banner on OpenBSD, and even if it did who
cares? What would anyone accomplish by making this setuid
root?
Full-Disclosure is hosted and sponsored by Secunia.