Vulnerability Development mailing list archives

Re: Remote Root Exploit for Redhat 7.0

From: Max Vision <vision () WHITEHATS COM>
Date: Sat, 30 Dec 2000 12:58:07 -0800

Ew.  When you diff the source, it is apparent that this is a plagiarized
exploit that was actually written by digit of security.is [1] (which I saw
posted to their website December 8th!)

Not only that, but this was discussed publicly in September [2], then
fixed by Redhat in early October [3].  Redhat even went so far as to
change the 7.0 ISO image to include the fixed LPRng package Oct 11th [4],
so many recent default installations are not affected.  Affected users
that used the old ISO images can still download the RPM updates [5].

[1] http://www.security.is/material/SEClpd.c
[2] http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=17756
[3] http://www.redhat.com/support/errata/RHSA-2000-065-06.html
[4] ftp://ftp.redhat.com/pub/redhat/releases/guinness/i386/iso
[5] ftp://updates.redhat.com/7.0/i386/LPRng-3.6.24-2.i386.rpm
    ftp://updates.redhat.com/7.0/SRPMS/LPRng-3.6.24-2.src.rpm

Max

On Sat, 30 Dec 2000, kry_cek () libero it wrote:

This exploit compromise Redhat 7.0 box and it allows to gain the root..
is very dangerous.. please RedHat.com release a patch!!
This expl take advantage of Lpd.

For download this expl. look www.netcat.it/download/SEClpd.c

Thx To All
Staff of www.netcat.it

Current thread:

Remote Root Exploit for Redhat 7.0 kry_cek () libero it (Dec 30)
- Re: Remote Root Exploit for Redhat 7.0 Max Vision (Dec 30)
- Re: Remote Root Exploit for Redhat 7.0 Daniel Roesen (Dec 30)
- Re: Remote Root Exploit for Redhat 7.0 Theodor Ragnar Gislason (Dec 30)