| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: titus at hush.com (titus@...h.com) Subject: iDEFENSE Security Advisory 09.16.03: Remote Root Exploitation of Default Solaris sadmind Setting -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 It's news worthy. This vulnerability has been privately exploited for at least 7 years. Most Solaris machines that have sadmin open are exploitable. It's a shame to see an excellent vulnerability such as this finally be made public. > Hasn't there always been a warning in the sadmind man page about security > levels less than 3? I'm not sure this "exploit" is newsworthy. > > [d] -----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.3 wkYEARECAAYFAj9nYUoACgkQlM5X+CwKCzEocQCfYqY4ViwoPQ/Qyv9iNAoS4rMYyBUA n3vYZmxYmUaDyHsn1/uvA9vDT/ek =KsNC -----END PGP SIGNATURE-----
Powered by blists - more mailing lists