When you support CPH, you support artistry, community and lifelong learning in Cleveland.
The Allen, Outcalt, and Helen
Theatres are all located at
1407 Euclid Avenue, Cleveland, OH 44115
CPH is dedicated to serving diverse audiences with nationally acclaimed education programs.
in your community:
at Cleveland Play House:
char username[64]; char scramble[20]; // FIXED SIZE VULNERABILITY memcpy(username, packet+offset, username_len); offset += username_len; memcpy(scramble, packet+offset, scramble_len); // No boundary check
By setting scramble_len > 20 , the attacker could overwrite eip (return address) on the stack. Using a combination of NOP sled and shellcode, a remote attacker could execute arbitrary commands on the host. mysql 5.0.12 exploit
A simpler variation (the authentication bypass) required only: // FIXED SIZE VULNERABILITY memcpy(username
Client -> Server: Connection request Server -> Client: Greeting packet (contains salt) Client -> Server: Authentication packet (username, hashed password using salt) Server -> Client: OK or Access Denied In the vulnerable version, the server parsed the authentication packet as follows (pseudo-code): offset += username_len
