RE: Automated SSH login attempts? Related Cross post from incidents.org

[Jirka Kosina <jikos () jikos cz>]

On Fri, 30 Jul 2004, Harris, Michael C. wrote:

> We got zapped by some hackers from, I think, Romania that have a priv
> escalation exploit for Linux 2.4.20
> http://sirzion.illusivecreations.com/loginxy

This exploit really shouldn't be dangerous for any admin updating at least 
once a year <g> - it is just a scriptkiddie exploit for old do_brk() 
bounds check vulnerability.

-- 
JiKos.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html