buffer-overflow pic - Re: Debian Investigation Report after Server Compromises

To: John Hasler <john@dhh.gt.org>
Cc: debian-user@lists.debian.org
Subject: buffer-overflow pic - Re: Debian Investigation Report after Server Compromises
From: Alvin Oga <aoga@ns.Linux-Consulting.com>
Date: Wed, 3 Dec 2003 17:08:42 -0800 (PST)
Message-id: <[🔎] Pine.LNX.3.96.1031203170711.26254B-100000@Maggie.Linux-Consulting.com>
In-reply-to: <[🔎] 87ptf5h3hw.fsf@toncho.dhh.gt.org>


On Wed, 3 Dec 2003, John Hasler wrote:

good thread john :-)

> > How does an attacker with a user-level password gain root access?
> 
> In this case by exploiting a bug in sbrk().  The kernel developers knew
> about the bug but did not believe it to be exploitable.  They were wrong.
> 
> > ...how does a buffer overflow allow root access?
> 
> In some cases, by allowing you to overwrite a return address on the stack
> of a suid program with the address of your code.  This exploit is rather
> more subtle than that, evidently.

nice pretty pic of buffer overflow 
	http://www.Linux-Sec.net/Kernel/

c ya
alvin

Reply to:

References:
- Re: Debian Investigation Report after Server Compromises
  - From: John Hasler <john@dhh.gt.org>

Prev by Date: Re: How do I install gnome/stable
Next by Date: Re: Debian Investigation Report after Server Compromises
Previous by thread: Re: Debian Investigation Report after Server Compromises
Next by thread: Re: Debian Investigation Report after Server Compromises
Index(es):
- Date
- Thread