> From: David Endler <dendler@idefense.com> > Date: Thu, 26 Sep 2002 08:58:48 -0600 (MDT) > > A proof of concept exploit for Red Hat Linux designed by zen-parse is > attached to this message. It packages the overflow and shellcode in > the "%%PageOrder:" section of the PDF. > > [root@victim]# ls -al /tmp/itworked > /bin/ls: /tmp/itworked: No such file or directory > [root@victim]# gv gv-exploit.pdf > [root@victim]# ls -al /tmp/itworked > - -rw-r--r-- 1 root root 0 Aug 22 16:50 /tmp/itworked > [root@victim]# > Does not work for me: boris@reston-0491:~/convert$ gv -v gv 3.5.8 (debian) boris@reston-0491:~/convert$ gv gv-exploit.pdf Segmentation fault boris@reston-0491:~/convert$ ls -al /tmp/itworked ls: /tmp/itworked: No such file or directory -- Good luck -Boris By long-standing tradition, I take this opportunity to savage other designers in the thin disguise of good, clean fun. -- P.J. Plauger, "Computer Language", 1988, April Fool's column.
