Re: Bind 9.2.X exploit???

From: Muhammad Faisal Rauf Danka (mfrd@attitudex.com)
Date: 07/25/02


Date: Wed, 24 Jul 2002 23:04:58 -0700 (PDT)
From: Muhammad Faisal Rauf Danka <mfrd@attitudex.com>
To: incidents@securityfocus.com

Yes, I also found the very same tool like back in April on one of my client's compromised RH machines.

I think the comments (/* */) portion contains a copyright by teso.
So probably you cannot just distribute it like that, or maybe you can;
I'm not too sure. There has been some scene before regarding such
issues with the FreeBSD remote telnet exploit by the same teso people.

Regards,
---------
Muhammad Faisal Rauf Danka

Chief Technology Officer
Gem Internet Services (Pvt) Ltd.
web: www.gem.net.pk

--- ilker "güvercin" <holy@linuxmail.org> wrote:
>
>
>I found a tool on my compromised machine called
>bind9 and the source code is still there.
>It's made by team teso bind9 Exploit by by scut of
>teso [http://teso.scene.at/]...
>Usage: ./bind remote_addr domainname target_id
>Targets:
> 0 - Linux RedHat 6.0 (9.2.x)
> 1 - Linux RedHat 6.2 (9.2.x)
> 2 - Linux RedHat 7.2 (9.2.x)
> 3 - Linux Slackware 8.0 (9.2.x)
> 4 - Linux Debian (all) (9.2.x)
> 5 - FreeBSD 3.4 (8.2.x)
> 6 - FreeBSD 3.5 (8.2.x)
> 7 - FreeBSD 4.x (8.2.x)
>
> Example usage:
>$ host -t ns domain.com
>domain.com name server dns1.domain.com
>$ ./bind9 dns1.domain.com domain.com 0
> [..expl output..]
>I didn't test it; it's working or not.
>Anybody have knowledge about this? Sorry for my
>poor English :)
>If anyone wants to test it I can send the source code.
>holy@linuxmail.org
>
>----------------------------------------------------------------------------
>This list is provided by the SecurityFocus ARIS analyzer service.
>For more information on this free incident handling, management
>and tracking system please see: http://aris.securityfocus.com
