| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <42827288.80901@digitalmunition.com> Date: Wed May 11 22:15:01 2005 From: kf_lists at digitalmunition.com (KF (lists)) Subject: OpenServer 5.0.6 OpenServer 5.0.7 : chroot A known exploit can break a chroot prison. Vincent van Scherpenseel wrote: >On Wednesday 11 May 2005 20:44, KF (lists) wrote: > > >>Anyone ever wonder why all their security advisories come out for known >>issues two years after they have been found? >> >>Anyone ever wonder why they STILL use a vulnerble version of wu ftpd on >>one of their main servers? >> >>Connected to ftpput.sco.com. >>220 artemis FTP server (Version 2.1WU(1)) ready. >>Name (ftpput.sco.com:doucheknob): >> >>Move along... nothing to see here but a decrepid OS that no one cares >>about. >>-KF >> >> > >Keep in mind that you shouldn't fully rely on service banners. These are >easily faked to keep the script kiddies away. I know, that's security through >obscurity, but not the whole world is Full Disclosure. > > - Vincent van Scherpenseel > > > keep in mind that this has been like this for *YEARS*. I highly doubt they have gone through the trouble of faking output for the format string vulnerability. Telnet to the port and test the site exec shit by hand yourself... although I have not checked I would almost bet you get memory addresses popping up. I actually spoke to previous sco admins about it when I used to work with them on security issues. At the time they could not track down the admin of the box... after the caldera merger I would imagine it just sat there. http://lists.grok.org.uk/pipermail/full-disclosure/2003-August/008577.html -KF
Powered by blists - more mailing lists