Full Disclosure mailing list archives

Re: RE: 7350reass - alleged *BSD remote kernel exploit

From: "Dave M. Wilson" <full-disclosure () botanicus net>
Date: Tue, 22 Oct 2002 19:08:34 +0100

On Tue, Oct 22, 2002 at 07:32:42PM +0200, Janusz Niewiadomski wrote:

Yet another, not interesting trojan horse which you probably don't
want to run. One minute analysis is available at:
http://isec.pl/funkysh/trash/ for those who interested.


Thanks for that. I had straced it half-heartidly inside a chroot to see
what would happen, and it SEGV'd. At least I now know it was worth
covering my back :).

I notice you have a 'plaintext' copy of the binary -- is there a no-fuss
method for decrypting burneye binaries? Thanks,

Dave.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

7350reass - alleged *BSD remote kernel exploit rfclover (Oct 21)
- <Possible follow-ups>
- RE: 7350reass - alleged *BSD remote kernel exploit Janusz Niewiadomski (Oct 22)
  - Re: RE: 7350reass - alleged *BSD remote kernel exploit Dave M. Wilson (Oct 22)
    - Re: RE: 7350reass - alleged *BSD remote kernel exploit KF (Oct 22)