[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] ntpd stack evasion 0day exploit

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] ntpd stack evasion 0day exploit
From: Graham Bignell <bignell@xxxxxxxxx>
Date: Wed, 11 Jan 2006 10:01:52 -0500

On 11/01/06, Siegfried <siegfri3d@xxxxxxxxx> wrote:
> omfg i hope it isn't marcos flavio who invented that shit again (100%
> old-modified exploit & fake site)
> or get a fucking brain man!
> http://downloads.securityfocus.com/vulnerabilities/exploits/ntpd-exp.c

Not only is this plagiarism of work from five years ago, it was patched
five years ago.  Already disclosed, already remedied.  No mayhem.

>From http://www.kb.cert.org/vuls/id/JSHA-4VJFMF

--- ntp_control.c.1 Thu Apr  5 21:41:56 2001
+++ ntp_control.c Thu Apr  5 21:43:02 2001
@@ -1824,6 +1824,8 @@
while (cp < reqend && *cp !=
   ',')
*tp++ = *cp++;
+ if (tp >= buf + sizeof(buf))
+ return (0);
if (cp < reqend)
cp++;
*tp = '\0';

\\//,
Lorax
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- Re: [Full-disclosure] ntpd stack evasion 0day exploit
  - From: Siegfried

Prev by Date: Re: [Full-disclosure] ntpd stack evasion 0day exploit
Next by Date: Re: [Full-disclosure] should have been..' How to Determine My System Vulnerabilities'
Previous by thread: Re: [Full-disclosure] ntpd stack evasion 0day exploit
Next by thread: [Full-disclosure] [EEYEB-2000801] - Windows Embedded Open Type (EOT) Font Heap Overflow Vulnerability
Index(es):
- Date
- Thread