Full Disclosure mailing list archives

Re: Re: ntpd stack evasion exploit

From: "Dave Korn" <davek_throwaway () hotmail com>
Date: Thu, 12 Jan 2006 14:40:32 -0000

Valdis.Kletnieks () vt edu wrote in 
news:200601112011.k0BKBoTR026743 () turing-police cc vt edu

On Wed, 11 Jan 2006 19:01:09 GMT, Dave Korn said:

George A. Theall wrote in news:20060111013853.GA2756 () tifaware com

At least the original poster didn't offer up any hostnames.


  Well, apart from this one:

Original-Received: from p3fed1.frb.org (p3fed1.frb.org [199.169.208.132])


Any bets as to whether any of the 3 DNS servers will allow a AXFR of either
the forward or PTR zones?



  I thought of that, but have to admit that I didn't quite have the bottle 
to check from a traceable ip address!


    cheers,
      DaveK
-- 
Can't think of a witty .sigline today.... 



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

ntpd stack evasion exploit !bSt bitwarz Security Team (Jan 10)
- Re: ntpd stack evasion exploit Przemyslaw Frasunek (Jan 10)
  - Re: ntpd stack evasion exploit ad () heapoverflow com (Jan 10)
    - Re: ntpd stack evasion exploit Sean Crawford (Jan 10)
    - Re: ntpd stack evasion exploit George A. Theall (Jan 10)
    - Re: should have been..' How to Determine My System Vulnerabilities' Sean Crawford (Jan 10)
    - Re: should have been..' How to Determine My System Vulnerabilities' fok yo (Jan 11)
    - Re: ntpd stack evasion exploit Dave Korn (Jan 11)
    - Re: Re: ntpd stack evasion exploit Valdis . Kletnieks (Jan 11)
    - Re: Re: ntpd stack evasion exploit Dave Korn (Jan 12)
- Re: ntpd stack evasion exploit Dude VanWinkle (Jan 14)