Security Incidents mailing list archives

Re: Bind 9.2.X exploit???

From: Sebastian <scut () nb in-berlin de>
Date: Thu, 25 Jul 2002 20:28:19 +0200


Hi :)


On Wed, Jul 24, 2002 at 11:04:58PM -0700, Muhammad Faisal Rauf Danka wrote:

Yes i also found the very same tool like back in April on one of my
client's compromised RH machine.

I think the comments/* */ portion contains a copyright by teso.  So
probably, you cannot just distributed it like that, or maybe you can I'm
not too sure, there have been some scene before regarding such issues with
the freebsd remote telnet exploit by the same teso people.

 
This exploit was never written by me or anyone else in TESO. I have not
tested it and do not expect it to work (or its probably a rip from someone
else).

Regards, 
---------
Muhammad Faisal Rauf Danka



ciao,
scut :)

-- 
-. scut () nb in-berlin de -. + http://segfault.net/~scut/ `--------------------.
-' segfault.net/~scut/pgp `' 5453 AC95 1E02 FDA7 50D2 A42D 427E 6DEF 745A 8E07
`- complete HTCIA database obtained, exchange as usual. hi echelon ----------'

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

Bind 9.2.X exploit??? güvercin (Jul 24)
- Re: Bind 9.2.X exploit??? Patrick Andry (Jul 25)
  - Re: Bind 9.2.X exploit??? David Conrad (Jul 25)
  - Re: Bind 9.2.X exploit??? Jim Clausing (Jul 25)
    - Re: Bind 9.2.X exploit??? David Conrad (Jul 25)
    - Surge of attacks on ports 61127 & 61134 Joseph (Jul 25)
- Re: Bind 9.2.X exploit??? Alexandru Balan (Jul 26)
  - Re: Bind 9.2.X exploit??? David Carmean (Jul 26)
- <Possible follow-ups>
- Re: Bind 9.2.X exploit??? Muhammad Faisal Rauf Danka (Jul 25)
  - Re: Bind 9.2.X exploit??? Sebastian (Jul 25)