Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: QPOP2.5* exploit ??

From: sec () ORGONE NEGATION NET (jms)
Date: Sat, 13 May 2000 21:01:29 -0700

On Sun, 14 May 2000, H D Moore wrote:


Ryan Sweat wrote:

     this has been found in the wild, however there seems to be a
trojan in the shellcode.  Popper 2.5* has been thought to be safe.  I
would not reccomend running this on your own machine unless you crack
the shellcode and see what it does.


Qpopper 2.5* safe?  I think not.  I have seen more than a few boxes
cracked via publicly available exploits for the 2.53 version.  I will
tear apart the shell code buffer when I get time...


i seem to recall someone else making the claim that 2.53 was rootable
some months ago.

to the best of my knowledge, no one has posted an exploit for 2.53 to this
list, or any other.

the rootable versions that have popped up since 2.53 were due to beta
code being introduced.

mr moore, as you appear to be a security professional, i look forward to
you posting the offensive code from 2.53, or pointing out what functions
appear to be vulnerable from your public 2.53 exploit.

and if your feeilng up to it, post the exploit as well.

thanks!

-jason storm
jms () negation net
Previous By Date Next
Previous By Thread Next

Current thread: