Stefano Zanero (Politecnico di Milano, Italy)
Konrad Rieck (Berlin Institute of Technology, Germany)
Program chair:
Konrad Rieck (Berlin Institute of Technology, Germany)
Publicity chair:
Thorsten Holz (Technical University of Vienna, Austria)
Program Committee
An
rs will be presented at the
conference.
To submit a paper, please visit http://2010.ec2nd.org/submission
Organization
General co-chairs:
Stefano Zanero (Politecnico di Milano, Italy)
Konrad Rieck (Berlin Institute of Technology, Germany)
Program chair:
Konrad Rie
0 is supported by Astaro (http://www.astaro.de) and the
Pascal Network of Excellence (http://www.pascal-network.org).
Organization
General co-chairs:
Stefano Zanero (Politecnico di Milano, Italy)
Konrad Rieck (Technische Universität Berlin, Germany)
Program chair:
m,
Germany (pc-ch...@dimva.org)
Local Chair:Asia Slowinska, VU University Amsterdam,
the Netherlands (dimva2011-local-ch...@dimva.org)
Sponsoring Chair: Damiano Bolzoni, University of Twente, the
Netherlands (sponsor-c
Local Chair:Asia Slowinska, VU University Amsterdam,
the Netherlands (dimva2011-local-ch...@dimva.org)
Sponsoring Chair: Damiano Bolzoni, University of Twente, the
Netherlands (sponsor-ch...@dimva.org)
Publicity Chair:Konrad Rieck, (dimva201
co-chairs:
Stefano Zanero (Politecnico di Milano, Italy)
Konrad Rieck (Berlin Institute of Technology, Germany)
Program chair:
Konrad Rieck (Berlin Institute of Technology, Germany)
Publicity chair:
Thorsten Holz (Technical University of Vienna, Austria)
Program Committee
An
/mount /dev/dsk/c0t0d0s0 /a
/usr/sbin/audlinks -r /a
But in this case /a wouldn't be worldwritable. I can't see any problem
with audlinks. Sorry.
Regards,
Konrad
--
Konrad Rieck <[EMAIL PROTECTED]> Roqefellaz - http://www.r0q.cx
Fingerprint: 3AA8 CF92 C179 9760 C3B
go sure.
According to the source of write.c the second argument cannot cause an
overflow, strlcat() is used to catch the problem.
Here is the corresponding part of the strlcat man page "string(3C)".
Buffer overflow can be checked as follows:
if (strlcat(dst, src, dstsize) >
the arguments in case of cu. I am a total uucp
fool and have no clue.
cu is only set setuid for the owner uucp and an attacker won't gain any
special privileges, but he would gain access to the files in /etc/uucp.
Regards,
Konrad
--
Konrad Rieck <[EMAIL PROTECTED]>
Roqefellaz - http:
> /home/jroberto/httpd/mysql/bin/mysql -h`perl -e'printf("A"x200)'`
This is a nice example of bad code, but not a security issue, I could
show up a 100 of programs that simply don't care for *argv parameters.
You don't gain anything by exploiting such overfl
that can execute it -
privileges are not changed.
Maybe you can explain, how I will change my privileges on a system, when
executing exactly such overflows, I can't see it.
Regards,
Konrad
--
Konrad Rieck <[EMAIL PROTECTED]>
Roqefellaz - http://www.r0q.cx, GPG Public Key http://www.r
eve that there will be a proof of concept for
exploiting this vulnerablitity to gain any privileges. But I am willing to
learn... ;)
Regards,
Konrad
--
Konrad Rieck <[EMAIL PROTECTED]>
Roqefellaz - http://www.r0q.cx, GPG Public Key http://www.r0q.cx/keys/kr.pub
-- Fingerprint: 3AA8 CF92 C179 9760 C3B3 1B43 33B6 9221 AFBF 5897
d at the code.
Regards,
Konrad
--
Konrad Rieck <[EMAIL PROTECTED]> +
Roqefellaz, http://www.roqe.org - PGP: http://www.roqe.org/keys/kr.pub |
Fingerprint: 5803 E58E D1BF 9A29 AFCA 51B3 A725 EA18 ABA7 A6A3 ---+
signature.asc
Description: This is a digitally signed message part
Program Chair: Thorsten Holz, Ruhr-University Bochum, Germany (pc-chair(at)
dimva (dot) org)
Sponsoring Chair: Damiano Bolzoni, University of Twente, the Netherlands
(sponsor-chair (at) dimva (dot) org)
Publicity Chairs: Damiano Bolzoni, University of Twente, the Netherlands
Konrad Rieck, Technisc
14 matches
Mail list logo