Full Disclosure mailing list archives

IMPORTANT SECURITY ADVISORY PLEASE READ!


From: ashlieangel86 () hotmail com (segfault)
Date: Wed, 11 Sep 2002 15:04:55 -0400

 V4GU3-Disclosure
 http://www.imprettysure.com

 !Security Advisory!

 Advisory Name: This could be bad.

 Application: A widely used daemon.

 Platform: A widely used platform.

 Date:  9.11.02

 Severity: We speculate attacker could potentially do very bad things
   to your machine if you do not immediately download the
   security patch from a website we're not sure exists.

 Overview: This service listens on a port and waits for a connection
   from a client, then the service retrieves authentication
   information from the client.  Once authenticated, the client
   can use the service.

 Description: Exploitation of a bug in this service could give an attacker
   ROOT level access to an unpatched machine.  We're pretty sure
   the bug is a buffer overflow somewhere, but we know for
   certain it is exploitable, and is very dangerous.

 Exploit: /* exploit.c by V4GU3-Disclosure staff.

      This program must be run for the exploit to work.

      Suggested arguments are:  +vxz 49

      Make sure you are ROOT when you run this!

   */

   #include <stdio.h>
   #include <somethingimportant.h>
   #include <ifyoudontincludethisitwontwork.h>
   #include <rootkit.h>

   int main()
   {
    printf("FUCKING OWNED!")
    return(0);
   }
