Fsck, I am always surprised what kind of personal flames are being directed towards Theo in person... As Ryan stated, there is no where in this code where the sockets are properly set up in being used on a remote way, so please step down and don't even think about " remote exploit ". The only -remote- exploit I have seen -today- is the Pizda.c FTPd exploit ( with a kiddie-alike broken code, this is a no brainer ), which exploits the LIST boundaries, from the first looks at it. Please, get your story straight before posting stuff on this list, and please... get that attitude fixed. Is it so hard to release code without flaming OpenBSD people ( Theo in particular ), or do certain people get off on this ranting? Since, this listing is discussing vulnerabilities, ... it has no point in going advocacy, there are other mailing lists for this, but please... my worthless .2 cents Fsck Theo Dumbraadt wrote: > This code shows a remote exploit for opensbsd versions 2.8 and 2.9 > and can now be released to the public to break theo's 4 years without > remote exploits sayings. I wrote it while people told me it could not > happen on the list so here is your proofs bitch. > [ useless info snipped ]
This archive was generated by hypermail 2b30 : Wed Jun 06 2001 - 20:43:57 PDT