htget stack overflow.
a7c4710ff14ef4d2492a0f4c064ed8f0a939353874bd98ae101fba01889e236b
htget-0.9.x stack overflow vulnerability
author: Darkeagle
date : 01.12.04
vendor: http://www.jwhitham.org.uk/op/htget/
status: no patch
overview:
HTGET is a file grabber that will get files from HTTP servers.
The aim behind this program is to create a downloader that you can leave
running in the background - one that's totally reliable and can cope with
just about any problem, and won't stop downloading unless it's forced to.
details:
...
}
else if ( strncasecmp ( argv [ I ] , "--downloadsdir=" , 15 ) == 0 )
{
strcpy ( DownloadsDir , & argv [ I ][ 15 ] ) ;
...
solution:
use wget :)
exploit:
lame local r00t xpl you can find @ exploiterz.org
greetz:
all unl0ckerz, nosystemz, ghc'z
(c) Darkeagle [ http://exploiterz.org ]