[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <200209112003.g8BK3Y355068@mailserver4.hushmail.com>
From: gobbles at hush.com (gobbles@...h.com)
Subject: IMPORTANT SECURITY ADVISORY PLEASE READ!
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
also do bad things to anus
>There is also the one where a guy with a stick sneaks up behind
> you and hits you on the head then does bad things to your system. Watch out for this one. :)
>
>Ray
>
>-----Original Message-----
>From: segfault
>Sent: Wednesday, September 11, 2002 12:48 PM
>To: full-disclosure@...ts.netsys.com
>Subject: [Full-Disclosure] IMPORTANT SECURITY ADVISORY PLEASE R
>EAD!
>
>
>
> V4GU3-Disclosure
> http://www.imprettysure.com
>
> !Security Advisory!
>
> Advisory Name: This could be bad.
>
> Application: A widely used daemon.
>
> Platform: A widely used platform.
>
> Date: 9.11.02
>
> Severity: We speculate attacker could potentially do very bad
>things
> to you're machine if you do not immediately download the
> security patch from a website we're not sure exists.
>
> Overview: This service listens on a port and waits for a conne
>ction
> from a client, then the service retrieves authentication
> information from the client. Once authenticated, the client
>
> can use the service.
>
> Description: Exploitation of a bug in this service could give
>an attacker
> ROOT level access to an unpatched machine. We're pretty sur
>e
> the bug is a buffer overflow somewhere, but we know for
> certain it is exploitable, and is very dangerous.
>
> Exploit: /* exploit.c by V4GU3-Disclosure staff.
>
> This program must be run for the exploit to work.
>
> Suggested arguments are: +vxz 49
>
> Make sure you are ROOT when you run this!
>
> */
>
> #include <stdio.h>
> #include <somethingimportant.h>
> #include <ifyoudontincludethisitwontwork.h>
> #include <rootkit.h>
>
> int main()
> {
> printf("FUCKING OWNED!")
> return(0);
> }
>
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.netsys.com/full-disclosure-charter.html
>
-----BEGIN PGP SIGNATURE-----
Version: Hush 2.1
Note: This signature can be verified at https://www.hushtools.com
wlgEARECABgFAj1/r6ARHGdvYmJsZXNAaHVzaC5jb20ACgkQpmwDHEAx56tGTwCfdjpG
HzgtTlTU5VW8L8JiLADBXOQAoJpWXFmK82PW36kpOpk5m+i6bIoB
=jdhx
-----END PGP SIGNATURE-----
Get your free encrypted email at https://www.hushmail.com
Powered by blists - more mailing lists