Message-ID: <40619177.6080401@immunitysec.com>
Date: Wed, 24 Mar 2004 08:47:35 -0500
From: Dave Aitel <dave@...unitysec.com>
To: "Johan A.van Zanten" <johan@...anglers.com>
Cc: bugtraq@...urityfocus.com
Subject: Re: Immunity Advisory: dtlogin remote root


Johan A.van Zanten wrote:

| The PDF version of your advisory indicates that your upcoming (29 Mar
|2004, according to those patent-happy people over at amazon.com) book
|includes scripts that can be used to test for the vulnerability. Are you
|going to provide any scripts or code fragments so that people can test
|their systems?  As things stand, it looks a lot like you're trying to
|generate book sales by releasing a content-light advisory 6 days before
|your book comes out.


Technically the book is already out (you can walk over to Wiley's
office in Hoboken and buy it, probably). I recommend people buy it at
B&N or their local college bookstore since I totally agree that method
and software patents do many evil things and companies who insist on
purchasing such things should be shunned. It's known to be difficult
to purchase a copy of CANVAS if you are, say, someone who blackmailed
everyone who had a .gif on their website.

(snipped, a lot of good configuration of dtlogin information)

I don't think the access stuff works - but it might. It's literally
been almost two years since I found this vulnerability, and I did not
do as thorough a testing job as I could have. I did release a SPIKE
script that can be used to test for this vulnerability, though. It's
in the Wiley pack-of-exploits that was released with the book.

http://www.wiley.com/legacy/compbooks/koziol/

You'll see Sinan Eren's kernel local for Solaris there, and CANVAS's
old Win32 shellcode, as well as a bunch of other interesting
information about Oracle, DB2, etc.

Dave Aitel
Senior Vice President, Public Relations
Immunity, Inc.
P.S. I know it's a huge astounding surprise when a company releases an
advisory just for monetary gain and not for the betterment of mankind,
but I assure you that the 4 cents I make per book were not a factor.
For those of you contemplating writing a book for huge financial gain,
let me key you in on a simple fact of publishing: the publisher keeps
the money. Unless your name is "Stephen King" or your book is entitled
"Harry Potter and the New Shaving Kit by JK Rowling" you won't make
more than 10K on a book, which you probably worked 400 hours on.


