Re: OpenVMS fingerd remote stack overflow

From: Alexander Sotirov <alex@sotirov.net>
To: bugtraq@securityfocus.com
Cc:
Subject: Re: OpenVMS fingerd remote stack overflow
Date:


On Thu, Aug 07, 2008 at 12:08:53AM +0100, Shaun Colley wrote:
> The MultiNet finger service runs on port 79 by default (like other finger
> servers) and takes a username to query.  A long string (~250+ or so bytes)
> will cause a stack overflow, giving control of a saved return address and
> hence the program counter (PC).

Hahahaha, welcome to 1988!

Alex





Copyright © 1995-2021 LinuxRocket.net. All rights reserved.