Bugtraq mailing list archives
Re: Remote Root Exploit for Redhat 7.0
From: Max Vision <vision () WHITEHATS COM>
Date: Tue, 2 Jan 2001 09:51:11 -0800
Hi, since this was cross-posted to vuln-dev and Bugtraq I think the wider audience should know the facts...

---------- Forwarded message ----------
Date: Sat, 30 Dec 2000 12:58:07 -0800 (PST)
From: Max Vision <vision () whitehats com>
To: "kry_cek () libero it" <kry_cek () LIBERO IT>
Cc: VULN-DEV () SECURITYFOCUS COM
Subject: Re: Remote Root Exploit for Redhat 7.0

Ew. When you diff the source, it is apparent that this is a plagiarized exploit that was actually written by DiGiT of security.is [1] (which I saw posted to their website December 8th!) Not only that, but this was discussed publicly in September [2], then fixed by Redhat in early October [3]. Redhat even went so far as to change the 7.0 ISO image to include the fixed LPRng package Oct 11th [4], so many recent default installations are not affected. Affected users that used the old ISO images can still download the RPM updates [5].

[1] http://www.security.is/material/SEClpd.c
[2] http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=17756
[3] http://www.redhat.com/support/errata/RHSA-2000-065-06.html
[4] ftp://ftp.redhat.com/pub/redhat/releases/guinness/i386/iso
[5] ftp://updates.redhat.com/7.0/i386/LPRng-3.6.24-2.i386.rpm
    ftp://updates.redhat.com/7.0/SRPMS/LPRng-3.6.24-2.src.rpm

Max

On Sat, 30 Dec 2000, kry_cek () libero it wrote:
> This exploit compromises a Redhat 7.0 box and it allows gaining root.. it is very dangerous.. please RedHat.com release a patch!! This exploit takes advantage of Lpd. To download this exploit, look at www.netcat.it/download/SEClpd.c
>
> Thx to all the staff of www.netcat.it