lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed May 11 19:41:56 2005
From: kf_lists at digitalmunition.com (KF (lists))
Subject: OpenServer 5.0.6 OpenServer 5.0.7 : chroot
	A	known exploit can break a chroot prison.

Anyone ever wonder why all their security advisories come out for known 
issues two years after they have been found?

Anyone ever wonder why they STILL use a vulnerble version of wu ftpd on 
one of their main servers?

Connected to ftpput.sco.com.
220 artemis FTP server (Version 2.1WU(1)) ready.
Name (ftpput.sco.com:doucheknob):

Move along... nothing to see here but a decrepid OS that no one cares 
about.
-KF


James Longstreet wrote:

>On Wed, 11 May 2005 please_reply_to_security@....com wrote:
><snip>
>
>Has anyone ever wondered why SCO's mails come from
>please_reply_to_security@....com?  Why not just make them come from
>security@....com?  Or at least set the Reply-To: field?
>
>Other than preventing spam, is there a greater purpose here that I'm
>missing?
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
>
>
>
>  
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ