lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20040827224032.GA29990@iq.pl>
From: zim at iq.pl (Robert Jaroszuk)
Subject: !SPAM! Automated ssh scanning

On Fri, 27 Aug 2004, andreas@...erno.nadir.org wrote:

> Richard,
> 
> if you have another spare box, just install it like the first one 
> and try all the exploits you got from the intruder. 
> You have most likely a complete history file, so where's the problem?
> Remember, one of these binaries seems to be infected with RST, so erase 
> that box afterwards..;)
> After that we hopefully can get rid of this thread...

I have checked today dist-upgraded debian sarge, with *default* kernel 
(2.4.18-bf2.4), and it is still *vulnerable* to do_brk, kmod, and
ptrace exploits.

This kernel seems to be *not* patched since 2002.

-- 
..... Robert Jaroszuk - zim iq pl - [ IQ PL Sp. z o.o. ] .....
GCS/IT/O d? s: a-- C++ ULB++++$ P+ L++++$ E--- W- K- N+ DI+ V-
w M- PS+ PE Y(+) PGP-(+++) t-- 5? X- R tv-- b++>++++ D- y+ G++
.. http://zim.iq.pl/ . RJ735-RIPE . http://zim.iq.pl/photo/ ..
... The superior warrior wins without fighting -- Sun Tzu. ...

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ