Vulnerability Development mailing list archives
RE: yet another fake exploit making rounds
From: "Wall, Kevin" <Kevin.Wall () qwest com>
Date: Fri, 21 Dec 2001 10:18:51 -0500
Michal Zalewski,
Most recent (third) issue of "el8" zine, available at http://el8.8m.com, among other things claims to have a "0-day" dcron exploit, allegedely coded by me and Rafal Wojtczuk (Nergal). ... it appears to be a very nicely crafted trojan horse. It does send your /etc/passwd file to a fixed address
your-address () mail com
... this mailbox is probably valid and attended):
Perhaps we all ought to oblige them by sending them bogus /etc/passwd files and let them spin there wheels trying to crack the passwords. Or alternately, grab a few hundred megabytes of random garbage to send them... dd if=/dev/random ibs=4K count=102400 | mail your-address () mail com and overflow their mailbox. Anything to keep them busy over the holidays. --- Kevin W. Wall Qwest Communications International, Inc. Kevin.Wall () qwest com Phone: 614.932.5542 "Wipe Info uses hexadecimal values to wipe files. This provides more security than wiping with decimal values." -- Norton System Works 2002 manual, pg 160
Current thread:
- yet another fake exploit making rounds Michal Zalewski (Dec 20)
- <Possible follow-ups>
- RE: yet another fake exploit making rounds Wall, Kevin (Dec 21)
- Re: yet another fake exploit making rounds xbud (Dec 21)
- Re: yet another fake exploit making rounds Michal Zalewski (Dec 21)
- RE: yet another fake exploit making rounds auto241065 (Dec 22)