Here at my job, we have a lot of machines running RH 9, RH Enterprise 3 and some older Linux tastes. As I read about the "format string vulnerability" and "shellcode", I would like to know how to see if that Linux are vulnerable to these kinds of attack (without running the attacks itself)...
Thanks for help!
First of all a shellcode is not a vulnerably. Shellcode is a small bit of executable code that is a payload delivered by a memory corruption vulnerability like a dangling pointer or buffer overflow. Modern Linux systems are very difficult to exploit.
What you need to do is run a yum upgrade and then you should be good. Just keep your system up to date and thats all you have to worry about. If you want to see if a system is remotely exploitable then should run OpenVAS against that system. If you want to exploit a system, and run shellcode of your choice then you can use the Metasploit framework.