I don't know if this is worth mentioning, but old versions of qpop have the same problem; SGI distributes version 2.1.4.something with Irix 6.2; using the qpush exploit, I managed to make it dump core; no remote shell, but that would be matter of a little experimentation... maybe i'm foolish for using an older version... has anyone managed to exploit a *current* version on SGI so far? thanks, Klaus -- TODO: 1) learn how to use my new Unix account. 2) learn how to change this list. -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.2 mQCNAzWQQ7QAAAEEALulvoUfgDSsm9FkcznQ4z4EZrjBlPPcNqLm9HKD2QSEcJKU 7ewiIVKEPkQc0PLRlsedwv8VN4TruzNhsIigHmRkBoyb4UYLIVRDXqirhJmsvkaW f0/ahkd+sy35AAiWi8xu0tSISbd8P5sHr5l+1tJH2Z/mQ8OkZBfiXzM9H40RAAUT tA9LbGF1cyBQLiBTdGVkZW6JAJUDBRA1kEkoF+JfMz0fjREBAVIeBACnEmwA+sLS RmWadyEtI9vL9FT+qv6o77sm0AptBy+ZAnCK20V1TyjwyTs1nHSkfWJxABx9zWUH DtMN3vZ/2Q/mnYDUcJEwH/p2e29ETYA7ss/eRBOW4DQ226uYN2R2HTtFB8ZhWS4a 1UovSLmVDsk0FX5q7DXkGToVRl/u9boK4Q== =KfVd -----END PGP PUBLIC KEY BLOCK-----
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:00:45 PDT