Full Disclosure mailing list archives
IMPORTANT SECURITY ADVISORY PLEASE READ!
From: Ray.Percival () summit fiserv com (Percival, Ray)
Date: Wed, 11 Sep 2002 14:51:37 -0500
There is also the one where a guy with a stick sneaks up behind you and hits you on the head then does bad things to your system. Watch out for this one. :) Ray -----Original Message----- From: segfault Sent: Wednesday, September 11, 2002 12:48 PM To: full-disclosure () lists netsys com Subject: [Full-disclosure] IMPORTANT SECURITY ADVISORY PLEASE READ! V4GU3-Disclosure http://www.imprettysure.com !Security Advisory! Advisory Name: This could be bad. Application: A widely used daemon. Platform: A widely used platform. Date: 9.11.02 Severity: We speculate attacker could potentially do very bad things to you're machine if you do not immediately download the security patch from a website we're not sure exists. Overview: This service listens on a port and waits for a connection from a client, then the service retrieves authentication information from the client. Once authenticated, the client can use the service. Description: Exploitation of a bug in this service could give an attacker ROOT level access to an unpatched machine. We're pretty sure the bug is a buffer overflow somewhere, but we know for certain it is exploitable, and is very dangerous. Exploit: /* exploit.c by V4GU3-Disclosure staff. This program must be run for the exploit to work. Suggested arguments are: +vxz 49 Make sure you are ROOT when you run this! */ #include <stdio.h> #include <somethingimportant.h> #include <ifyoudontincludethisitwontwork.h> #include <rootkit.h> int main() { printf("FUCKING OWNED!") return(0); }
Current thread:
- IMPORTANT SECURITY ADVISORY PLEASE READ! segfault (Sep 11)
- <Possible follow-ups>
- IMPORTANT SECURITY ADVISORY PLEASE READ! Percival, Ray (Sep 11)
- IMPORTANT SECURITY ADVISORY PLEASE READ! Matthew McGehrin (Sep 11)
- IMPORTANT SECURITY ADVISORY PLEASE READ! gobbles () hush com (Sep 11)
- IMPORTANT SECURITY ADVISORY PLEASE READ! Niels Bakker (Sep 11)
- IMPORTANT SECURITY ADVISORY PLEASE READ! gobbles () hush com (Sep 11)
- Re: IMPORTANT SECURITY ADVISORY PLEASE READ! Steven M. Christey (Sep 11)
- IMPORTANT SECURITY ADVISORY PLEASE READ! s n u r f l e (Sep 11)