lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <40B8A448.70806@onryou.com>
From: lists2 at onryou.com (Cory Donnelly)
Subject: Re: rsynd-too-open.c posted on fd is backdoored.  Don't run it!!!

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

DownBload / Illegal Instruction Labs wrote:

> rsync <= 2.6.1 remote exploit posted to full disclosure list is a fake
> and malicious exploit.
> Don't run it!!!

This just in: Full-Disclosure is not the last bastion of human decency
we all thought it was!

It amazes me that someone might actually compile and execute code sent
out via FD -- especially while logged into a real account on a real
machine.  I bet they're the same folks who enjoy free chewing gum found
under chairs.

C

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (MingW32)

iD8DBQFAuKRIokBdAgPGOhURApJnAKDkRzAeALuNRMNLitrfshivow6NrwCg4EFK
9yG53JhXfsObjd/tQS6qo3A=
=ZHlG
-----END PGP SIGNATURE-----


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ