The debian-private mailing list leak, part 1. Volunteers have complained about Blackmail. Lynchings. Character assassination. Defamation. Cyberbullying. Volunteers who gave many years of their lives are picked out at random for cruel social experiments. The former DPL's girlfriend Molly de Blanc is given volunteers to experiment on for her crazy talks. These volunteers never consented to be used like lab rats. We don't either. debian-private can no longer be a safe space for the cabal. Let these monsters have nowhere to hide. Volunteers are not disposable. We stand with the victims.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Root vulnerability!

------- Forwarded Message

Return-Path: jgoerzen@complete.org 
Return-Path: <jgoerzen>
Received: from mail.midusa.net (noyb@localhost [127.0.0.1])
          by complete.org (8.8.5/8.8.4) with SMTP
	  id GAA12745 for <jgoerzen>; Fri, 18 Apr 1997 06:06:12 -0500
Received: from brimstone.netspace.org (brimstone.netspace.org 
[128.148.157.143])
	by services.midusa.net (8.8.5/8.8.5) with ESMTP id CAA06985;
	Fri, 18 Apr 1997 02:33:52 -0500 (CDT)
Received: from netspace.org ([128.148.157.6]) by brimstone.netspace.org with 
ESMTP id <34643-24870>; Fri, 18 Apr 1997 03:31:41 -0400
Received: from NETSPACE.ORG by NETSPACE.ORG (LISTSERV-TCP/IP release 1.8c) with
          spool id 3435781 for BUGTRAQ@NETSPACE.ORG; Fri, 18 Apr 1997 03:18:21
          -0400
Received: from brimstone.netspace.org (brimstone [128.148.157.143]) by
          netspace.org (8.8.5/8.8.2) with ESMTP id DAA18345 for
          <BUGTRAQ@netspace.org>; Fri, 18 Apr 1997 03:17:07 -0400
Received: from netspace.org ([128.148.157.6]) by brimstone.netspace.org with
          ESMTP id <32828-24869>; Fri, 18 Apr 1997 03:20:17 -0400
Approved-By: aleph1@UNDERGROUND.ORG
Received: from elysium.uwa.edu.au (root@elysium.uwa.edu.au [130.95.128.2]) by
          netspace.org (8.8.5/8.8.2) with ESMTP id XAA24801 for
          <BUGTRAQ@NETSPACE.ORG>; Thu, 17 Apr 1997 23:09:06 -0400
Received: from typhaon.ucs.uwa.edu.au (luyer@typhaon.ucs.uwa.edu.au
          [130.95.128.64]) by elysium.uwa.edu.au (8.8.2/8.8.0) with SMTP id
          LAA27581; Fri, 18 Apr 1997 11:12:05 +0800 (WST)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-ID: <Pine.LNX.3.95q.970418111027.29771O-100000@typhaon.ucs.uwa.edu.au>
Date: 	Fri, 18 Apr 1997 11:12:04 +0800
Reply-To: David Luyer <luyer@UCS.UWA.EDU.AU>
Sender: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: David Luyer <luyer@UCS.UWA.EDU.AU>
Subject:      Re: Buffer overflow in sperl5.003
X-To:         Murphy <jtmurphy@CRAY1.ECST.CSUCHICO.EDU>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <Pine.LNX.3.96.970417140348.24662A-101000@cray1.ecst.csuchico.edu
>

On Thu, 17 Apr 1997, Murphy wrote:
> Attached is the source for the exploit. Since it requires some work to
>be done to the compiled exploit (Stripping of 5 byte at the begining and
>end of the binary), the precompiled Linux x86 exploit can be found at
>http://www.ecst.csuchico.edu/~jtmurphy/localusers.html.

Note that the exploit tries offsets of 1170 to 1240.  Debian Linux with
sperl5.00307 requires a value of 1169 (and is vulnerable).

David.

------- End of Forwarded Message


-- 
John Goerzen          | Running Debian GNU/Linux (www.debian.org)
Custom Programming    | 
jgoerzen@complete.org | 


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-private-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .