Here's the output I get:
[+] kernel 2.6.1 vulnerable: YES exploitable YES
MMAP #65530 0x50bfa000 - 0x50bfb000
[+] Success
Usage: ping [-LRUbdfnqrvVaA] [-c count] [-i interval] [-w deadline]
[-p pattern] [-s packetsize] [-t ttl] [-I interface or address]
[-M mtu discovery hint] [-S sndbuf]
[ -T timestamp option ] [ -Q tos ] [hop1...] destination
But no root shell...:(
How can this lead to an exploit? Must have been fixed before.
Slashdot Mirror
You could do the same thing using groups permisssion access in a unix filesystem.
Here's the output I get: [+] kernel 2.6.1 vulnerable: YES exploitable YES MMAP #65530 0x50bfa000 - 0x50bfb000 [+] Success Usage: ping [-LRUbdfnqrvVaA] [-c count] [-i interval] [-w deadline] [-p pattern] [-s packetsize] [-t ttl] [-I interface or address] [-M mtu discovery hint] [-S sndbuf] [ -T timestamp option ] [ -Q tos ] [hop1 ...] destination
But no root shell... :(
How can this lead to an exploit? Must have been fixed before.