Vulnerability Development mailing list archives
Re: Remote exploitation of network scanners?
From: "Bluefish (P.Magnusson)" <11a () GMX NET>
Date: Sat, 2 Sep 2000 00:30:03 +0200
Agree. Of course it should be fixed.
1. didn't have much knowledge tool, wasn't aware of who created it
2. some people may wish to to do a dirty fix until an official one is
available.
Only mentioning that my post sugested dropping chmod permission
(poking around with capabilities). I'm not overly familiar with
capabilities, but it shouldn't be that easy to break that, should it? the
entire idea with capabilities is, if I got it correctly, is to confine
even super-user processes, allowing code which may be vulnerable to
perform limited super-user tasks but not all that root normally can do.
Snoop is basically Sun's home-grown 'tcpdump', and though you can always sandbox (and hope they can't bust your chroot!), very few (e.g. none) people are going to expect a vendor supplied 'listen-only' tool to give bad guys remte root, so....
..:::::::::::::::::::::::::::::::::::::::::::::::::..
http://www.11a.nu || http://bluefish.11a.nu
eleventh alliance development & security team
Current thread:
- Re: Remote exploitation of network scanners? Domenico De Vitto (Sep 01)
- Re: Remote exploitation of network scanners? Bluefish (P.Magnusson) (Sep 01)
- <Possible follow-ups>
- Re: Remote exploitation of network scanners? Peter Pentchev (Sep 02)
- Re: Remote exploitation of network scanners? Andrew Scott Reisse (Sep 02)
- Re: Remote exploitation of network scanners? Peter Pentchev (Sep 02)
- Re: Remote exploitation of network scanners? Andrew Scott Reisse (Sep 02)