On Wed, 3 Dec 2003, John Hasler wrote:
good thread john :-)
> > How does an attacker with a user-level password gain root access?
>
> In this case by exploiting a bug in sbrk(). The kernel developers knew
> about the bug but did not believe it to be exploitable. They were wrong.
>
> > ...how does a buffer overflow allow root access?
>
> In some cases, by allowing you to overwrite a return address on the stack
> of a suid program with the address of your code. This exploit is rather
> more subtle than that, evidently.
nice pretty pic of buffer overflow
http://www.Linux-Sec.net/Kernel/
c ya
alvin
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
