Vulnerability Development mailing list archives

Re: Telnetd exploit for solaris


From: Ron DuFresne <dufresne () winternet com>
Date: Thu, 6 Sep 2001 17:36:32 -0500 (CDT)



From: Alfred Huger <ah () securityfocus com>
Subject: Multiple Vendor Telnetd Buffer Overflow Vulnerability Worm
Date: Wed, 5 Sep 2001 15:35:10 -0600 (MDT)
Heya all,

There is apparently a worm in circulation which exploits the Multiple
Vendor Telnetd Buffer Overflow Vulnerability BID 3064:

http://www.securityfocus.com/bid/3064

The ARIS Analyst Team are actively looking for a copy of this worm, "x.c".
Should you have a copy of it and be willing to shoot it this way, we would
deeply appreciate it. Any research we perform will be posted directly back to
the list(s) for public consumption.

VP Engineering
SecurityFocus
"Vae Victis"


Looks like exploits are just starting to hit the wild.

Thanks,

Ron DuFresne

On Thu, 6 Sep 2001, Alex Pearsall wrote:

On 2001.09.05 19:15 fintler wrote:

Actually, I know it's not necessarily kosher, but I would like to know if
there is an exploit.  Here at work, we have a couple Sun boxes, and from
what I've seen, it doesn't look like there is one.  But I'd like to know,
either way.

I'm not a script kiddie, or a cracker.  I'm just a UNIX admin that wants to
test how severe the problem is.
Thank you for any help!

-- 
--------------------------------
Alex Pearsall   ESPN UNIX Admin   
     alex.pearsall () espn com
     rebelpacket () asleep net
      Office: 860-766-7265
      Mobile: 860-798-6481
--------------------------------



--- Labkonto <ppht-15 () mdstud chalmers se> wrote:
Anyone here that developed an exploit
for the Telnetd buffer overflow on solaris,
or know where to get one?


// pp


Now why would you possibly want something like that... if you were an
admin, you'd just patch your box and forget it. I can only assume you're
trying to get into someone else's box. What makes you think I'm going to
give you a script so you can get someone fired from their job because you
felt like being an 3r3ct skr1pt k1ddi3?

-fintler <fintler () halfbug com>




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.

