From owner-freebsd-questions  Mon Feb 24 14:09:57 1997
Return-Path: <owner-questions>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id OAA22650
          for questions-outgoing; Mon, 24 Feb 1997 14:09:57 -0800 (PST)
Received: from narcissus.ml.org (root@brosenga.Pitzer.edu [134.173.120.201])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id OAA22642
          for <questions@freebsd.org>; Mon, 24 Feb 1997 14:09:51 -0800 (PST)
Received: from localhost (ben@localhost) by narcissus.ml.org (8.7.5/8.7.3) with SMTP id OAA03134 for <questions@freebsd.org>; Mon, 24 Feb 1997 14:09:35 -0800 (PST)
Date: Mon, 24 Feb 1997 14:09:34 -0800 (PST)
From: Snob Art Genre <ben@narcissus.ml.org>
Reply-To: Snob Art Genre <ben@narcissus.ml.org>
To: questions@freebsd.org
Subject: what's this code do?
Message-ID: <Pine.NEB.3.95.970224140416.3073C-100000@narcissus.ml.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-questions@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

I found some code in a user's home directory today that is apparently
intended to cause a buffer overflow.  I was looking because I found out
that he'd tried to break into another system.  Needless to say, that user
can no longer log into my machine.

Would anyone be willing to take a look at this code and tell me what it
does?  I am trying to determine whether there's a chance that my system is
compromised.  I'll mail it to you offline.

The file is called pppt.c.



 Ben

"You have your mind on computers, it seems."