Full Disclosure mailing list archives

RE: !SPAM! Automated ssh scanning

From: Richard Verwayen <holle () ackw de>
Date: Thu, 26 Aug 2004 15:41:18 +0200

On Thu, 2004-08-26 at 15:12, Todd Towles wrote:

 The kernel could be save. But with weak passwords, you are toast. Any
automated tool would test guest/guest.

Hello Todd!

You are right about the passwords, but guest is only a unprivileged
account as you may have on many prodruction machines. But they managed
to become root on this machine due to a kernel(?) exploit!
Should I then consider any woody system to be insecure to let people
work at?

Richard

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

RE: !SPAM! Automated ssh scanning Todd Towles (Aug 26)
- RE: !SPAM! Automated ssh scanning Richard Verwayen (Aug 26)
  - RE: !SPAM! Automated ssh scanning Ron DuFresne (Aug 26)
    - Re: !SPAM! Automated ssh scanning Tremaine (Aug 26)
    - Re: !SPAM! Automated ssh scanning Richard Verwayen (Aug 26)
    - Re: !SPAM! Automated ssh scanning Jan Luehr (Aug 26)
    - Re: !SPAM! Automated ssh scanning Barry Fitzgerald (Aug 26)
    - Re: !SPAM! Automated ssh scanning Ron DuFresne (Aug 26)
    - Re: !SPAM! Automated ssh scanning Jan Luehr (Aug 26)
    - Re: !SPAM! Automated ssh scanning Ron DuFresne (Aug 26)
  - Re: !SPAM! Automated ssh scanning Valdis . Kletnieks (Aug 26)
    - Re Automated ssh scanning Mister Coffee (Aug 26)

(Thread continues...)