Mr.KlicK
libtiff vulnerabilities
editHello Mr.Klick, I updated the psp page with proof as you requested. Thanks, Tavis. -- taviso 08:53, 16 June 2007 (UTC)
- Thank you. Mr.KlicK 22:56, 16 June 2007 (UTC)Mr.KlicK
- Hey, using an exploit isnt really something thats worthy of credit, downloading and compiling pre-written exploit code is very easy to do. In fact, to replicate what he posted, he would just have to do this:
$ gcc 19283.c -o test $ ./test $ gdb tiffinfo (gdb) r exploit.tif (gdb) bt
As far as I can tell from his forum post, he actually had some difficulty getting it to work! Anyone with any programming experience on unix would have been able to do this in just a few minutes (I don't know if you're a developer or not, but all he had to do was find the address that the payload was loaded at, which is just entering a few commands into a debugger). It sounds like he just got lucky and read my advisory before anyone else in the psp community. Getting a working exploit for a new platform, and turning that into something useful is certainly worthy of credit, but as far as i can tell someone called "fanjita" is responsible for that. -- taviso 23:56, 16 June 2007 (UTC)
- No clue what you just said. Agree to disagree? (I believe that is the right term to be used in this context.)
Please refrain from making unconstructive edits to Wikipedia, as you did to Ann Coulter. Your edits appear to constitute vandalism and have been reverted. If you would like to experiment, please use the sandbox. Thank you.--Tdl1060 (talk) 03:31, 11 February 2008 (UTC)
I deleted you picture as well. Consider this a final warning. Cool Hand Luke 03:56, 11 February 2008 (UTC)