The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
 |
Newsgroups: comp.os.vms
From: davi...@alpha2.mdx.ac.uk
Date: Tue, 12 Aug 2008 14:49:51 +0000 (UTC)
Local: Tues, Aug 12 2008 10:49 am
Subject: Re: DEFCON 16 and Hacking OpenVMS
In article <6419afac-bb99-4d7d-b61c-2e29234df...@z72g2000hsb.googlegroups.com>, samp...@gmail.com writes:
>Guys, Is this with DEC TCPIP services or is it something to do with the >I just finished reading the presenation slides from DEFCON and >1. A format string vulnerability in the FINGER client (VAX only). The Multinet finger vulnerability ? see http://www.multinet.process.com/scripts/eco/eco_tlb.com?FINGER-010_A052 >2. A CLI buffer overflow on Alphas. Basically any input over 511 Can you explain this one in a bit more detail ? >characters causes an overflow, it seems to be possible to have a >privileged process execute arbitrary code. Is this an attack against DCL itself, images installed with privileges or something else ? David Webb >Anyway, this is from a 10 minute reading of the slides, I might have
>missed something, but the important thing (IMHO) is that neither of >these exploits are possible from remote but require a malicious user >to already have an account on the targeted system. >Sampsa You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
| |||||||||||||