Vulnerability Development mailing list archives
Re: QPOP2.5* exploit ??
From: inouk () IGT NET (Eric LeBlanc)
Date: Mon, 15 May 2000 11:00:18 -0400
ftp://ftp.technotronic.com/unix/qpop-exploits/ Rick On 13 May 2000, at 21:01, jms wrote:
On Sun, 14 May 2000, H D Moore wrote:Ryan Sweat wrote: this has been found in the wild, however there seems to be a trojan in the shellcode. Popper 2.5* has been thought to be safe. I would not reccomend running this on your own machine unless you crack the shellcode and see what it does.Qpopper 2.5* safe? I think not. I have seen more than a few boxes cracked via publicly available exploits for the 2.53 version. I will tear apart the shell code buffer when I get time...i seem to recall someone else making the claim that 2.53 was rootable some months ago. to the best of my knowledge, no one has posted an exploit for 2.53 to this list, or any other. the rootable versions that have popped up since 2.53 were due to beta code being introduced. mr moore, as you appear to be a security professional, i look forward to you posting the offensive code from 2.53, or pointing out what functions appear to be vulnerable from your public 2.53 exploit. and if your feeilng up to it, post the exploit as well. thanks! -jason storm jms () negation net
Current thread:
- Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs, (continued)
- Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs Harmer, Mike (May 12)
- regarding phrack49's stack smashing tutorial Christian Hammers (May 13)
- Re: regarding phrack49's stack smashing tutorial Precious Roy (May 13)
- Re: regarding phrack49's stack smashing tutorial Bluefish (May 13)
- QPOP2.5* exploit ?? Ryan Sweat (May 14)
- Re: QPOP2.5* exploit ?? H D Moore (May 14)
- Re: QPOP2.5* exploit ?? jms (May 13)
- Napster Fix optik (May 14)
- Re: QPOP2.5* exploit ?? Maurycy Prodeus (May 15)
- Re: QPOP2.5* exploit ?? jms (May 14)
- Re: QPOP2.5* exploit ?? Eric LeBlanc (May 15)
- regarding phrack49's stack smashing tutorial Christian Hammers (May 13)
- hi sparc qpop info sp00n () GMX DE (May 14)
- Re: WSCRIPT.EXE , CSCRIPT.EXE replacement for *.vbs Harmer, Mike (May 12)
- Re: QPOP2.5* exploit ?? typo () INFERNO TUSCULUM EDU (May 14)
- Re: QPOP2.5* exploit ?? typo () INFERNO TUSCULUM EDU (May 14)
- Re: QPOP2.5* exploit ?? Dimitry Andric (May 14)
- Re: QPOP2.5* exploit ?? Martin Ixter (May 14)
- TROJAN WARNING: Re: QPOP2.5* exploit ?? Nic Bellamy (May 14)
- Re: QPOP2.5* exploit ?? phi-vulndev () EXORSUS NET (May 14)
- Bubble Boy Virus Spreading Mechanism Andrew Leong (May 15)
- Re: QPOP2.5* exploit ?? Lluis Mora (May 15)
- Bugtraq Stats for the last 3 years available now. Alfred Huger (May 15)