| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: ashlieangel86 at hotmail.com (segfault)
Subject: IMPORTANT SECURITY ADVISORY PLEASE READ!
V4GU3-Disclosure
http://www.imprettysure.com
!Security Advisory!
Advisory Name: This could be bad.
Application: A widely used daemon.
Platform: A widely used platform.
Date: 9.11.02
Severity: We speculate attacker could potentially do very bad things
to you're machine if you do not immediately download the
security patch from a website we're not sure exists.
Overview: This service listens on a port and waits for a connection
from a client, then the service retrieves authentication
information from the client. Once authenticated, the client
can use the service.
Description: Exploitation of a bug in this service could give an attacker
ROOT level access to an unpatched machine. We're pretty sure
the bug is a buffer overflow somewhere, but we know for
certain it is exploitable, and is very dangerous.
Exploit: /* exploit.c by V4GU3-Disclosure staff.
This program must be run for the exploit to work.
Suggested arguments are: +vxz 49
Make sure you are ROOT when you run this!
*/
#include <stdio.h>
#include <somethingimportant.h>
#include <ifyoudontincludethisitwontwork.h>
#include <rootkit.h>
int main()
{
printf("FUCKING OWNED!")
return(0);
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20020911/468e6a19/attachment.html
Powered by blists - more mailing lists