Vulnerability Development mailing list archives

Re: Telnetd exploit for solaris

From: "Stanley G. Bubrouski" <stan () ccs neu edu>
Date: Thu, 6 Sep 2001 21:35:20 -0400 (EDT)




On Thu, 6 Sep 2001, sween wrote:


On Wed, 5 Sep 2001, fintler wrote:

Now why would you possible want something like that...if you were an


sooooo you can drive an industry and root somebody's solaris machine and
prove to SOMEONE's company that this computer security bullshit isn't just
a fad and that are not wasting 60K a year for a "security" expert to hover
over security focus mailing lists and apply patches to expensive operating
systems that were shipped broken in the first place.

this industry needs an old fashioned ass whoopin.

You owe script kiddies... BIG TIME.


The computer and software industries owe script kiddies NOTHING.  Script
kiddies bring down sites, wreak havoc on networks, use compromised as
platforms for attack and all without knowing how what they are using works
or what harm they are doing.

The people owed thanks are the people who find and report vulnerabilites,
who attempt to offer fixes and workarounds, and yes people who write and
publish proof of concept code and tools.

But there is a huge difference between supplying a proof of concept and
using one to gain unauthorized access to companies system.

GET OFF MY LIST.


This is list is to discuss vulnerabilities, not promote script kiddies as
the great fucking guardian angels of corporate America.  Get real.


--- Labkonto <ppht-15 () mdstud chalmers se> wrote:

Anyone here that developed an exploit
for the Telnetd buffer overflow on solaris,
or know where to get one?


// pp


No, but when I do I'll post it here.

admin, you'd just patch your

box and forget it. I can only assume you're trying to get into someone elses box, what makes you
think I'm going to give you a script so you can get someone fired from their job because you felt
like being an 3r3ct skr1pt k1ddi3.


Give him whatever he asks for.  I want to see him behind bars if he plans
to use it to gain unauthorized access to people's systems (not that I'm
saying he is)

-fintler <fintler () halfbug com>

__________________________________________________
Do You Yahoo!?
Get email alerts & NEW webcam video instant messaging with Yahoo! Messenger
http://im.yahoo.com



--

sween
-script kiddie-


Are you for real?  I feel like I'm reading something written by a chimp
from a tv sitcom.  Anyone else got any input on script kiddies being a
positive thing?


Stan

--
Stan Bubrouski                                       stan () ccs neu edu
23 Westmoreland Road, Hingham, MA 02043        Cell:   (617) 835-3284

Current thread:

Telnetd exploit for solaris Labkonto (Sep 05)
- Re: Telnetd exploit for solaris fintler (Sep 05)
  - RE: Telnetd exploit for solaris Dom De Vitto (Sep 06)
  - Re: Telnetd exploit for solaris Alex Pearsall (Sep 06)
    - Re: Telnetd exploit for solaris Ron DuFresne (Sep 06)
  - Re: Telnetd exploit for solaris sween (Sep 06)
    - Re: Telnetd exploit for solaris sa7ori (Sep 06)
    - RE: Telnetd exploit for solaris Joseph Spears (Sep 07)
    - RE: Telnetd exploit for solaris Dom De Vitto (Sep 07)
    - Re: Telnetd exploit for solaris Stanley G. Bubrouski (Sep 06)
    - Re: Telnetd exploit for solaris Kaneda Akira (Sep 07)
    - Re: Telnetd exploit for solaris Cory McIntire (Sep 07)
    - Re: Telnetd exploit for solaris H D Moore (Sep 07)
    - Re: Telnetd exploit for solaris James Puckett (Sep 07)
    - Re: Telnetd exploit for solaris Joseph Mallett (Sep 07)
  - Re: Telnetd exploit for solaris Robert A. Seace (Sep 06)
- Re: Telnetd exploit for solaris lazy (Sep 05)
  - Re: Telnetd exploit for solaris Federico Bellizia (Sep 06)
  - Re: Telnetd exploit for solaris sween (Sep 06)
- <Possible follow-ups>
- RE: Telnetd exploit for solaris moran (Sep 06)

(Thread continues...)