nanog mailing list archives

Re: Rootshell pages hacked

From: "Richard Steenbergen" <humble () lightning net>
Date: Wed, 30 Sep 1998 08:42:08 -0400

JR Mayberry wrote:


Supposedly sendmail 8.9.1 is to blame, not ssh.
http://www.sendmail.com/sendmail.8.9.1a.html


MIME buffer overflows is *not* a sendmail problem. What made you say
this?


I believe the sendmail 8.9.1 speculation comes from the fact that "thanks
for 8.9.1" is mentioned on the hacked page twice. Of course they claim they
were running qmail.

Despite the rampant speculation about ssh-1.2.26 being responsible, it still
seems preferable over ssh2 (which is LARGELY unfinished, and rivals even
ircd and win98 for the convoluted code of the year award).

On the more humorous side of things, It looks like someone at rootshell got
fired. http://adimage.blm.net/rootshell/cnjob.gif =)


--
Richard Steenbergen <humble () lightning net> Data Innovations System Admin
http://www.bitchx.com/~humble - humble@EFnet - PGP KeyID: 0x21581362
PGP Fingerprint: 7552 6AB2 B9C7 5A1B F1B6 8EA3 DFCF 793D 2158 1362
"Trespassers will be shot! Survivors will be shot again!"

Current thread:

Re: Rootshell pages hacked Adam D. McKenna (Oct 29)
- <Possible follow-ups>
- Re: Rootshell pages hacked Adam D. McKenna (Oct 29)
  - Re: Rootshell pages hacked C. Harald Koch (Oct 29)
  - Re: Rootshell pages hacked Michael Freeman (Oct 31)
- Re: Rootshell pages hacked Richard Steenbergen (Oct 29)
- Re: Rootshell pages hacked Adam D. McKenna (Oct 31)