Penetration Testing mailing list archives

Re: How to exploit gain root of OpenSSL?

From: gat0r <gat0r () toughguy net>
Date: Fri, 13 Oct 2006 21:11:37 -0600

Open-ssl-too-open

Openssl-uzi


On 10/13/06 9:06 AM, "09sparky () gmail com" <09sparky () gmail com> wrote:

I am looking for a way to exploit (not dos) and gain root, if possible to an
old version of OpenSSL.  Nessus results are:
The remote host seems to be running a version of OpenSSL which is older than
0.9.6k or 0.9.7c.

Does anyone have any suggestions?

Thanks,
sparky

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=7016000000
08bOW
------------------------------------------------------------------------





------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

Current thread:

How to exploit gain root of OpenSSL? 09sparky (Oct 13)
- Re: How to exploit gain root of OpenSSL? gat0r (Oct 16)
- Re: How to exploit gain root of OpenSSL? Manuel Arostegui Ramirez (Oct 16)