search for: 80bytebuffer

Brock Tellier <btellier@WEBLEY.COM> writes: > Virtually any program using the GNOME libraries is vulnerable to a > buffer overflow attack. The attack comes in the form: > > /path/to/gnome/prog --enable-sound --espeaker=$80bytebuffer > The following exploit should work against any GNOME program, though I > tried it on (the irony) /usr/games/nethack, which is SGID root by default > on RH6.0. An attack on any program will look something like this: > > [xnec@redhack gnox]$ uname -a; cat /etc/redhat-release; id &gt...