Re: Telnetd exploit for solaris

From: Ron DuFresne (dufresneat_private)
Date: Thu Sep 06 2001 - 15:36:32 PDT

Next message: .MetsyS.: "Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"

Previous message: .MetsyS.: "Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"
In reply to: Alex Pearsall: "Re: Telnetd exploit for solaris"
Next in thread: sween: "Re: Telnetd exploit for solaris"
Next in thread: lazy: "Re: Telnetd exploit for solaris"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Alfred Huger <ahat_private>
Subject: Multiple Vendor Telnetd Buffer Overflow Vulnerability Worm
Date: Wed, 5 Sep 2001 15:35:10 -0600 (MDT)
Heya all,

There is apparently a worm in circulation which exploits the Multiple
Vendor Telnetd Buffer Overflow Vulnerability BID 3064:

http://www.securityfocus.com/bid/3064

The ARIS Analyst Team are actively looking for a copy of this worm, "x.c"
should you have a copy of it and be willing to shoot it this way we would
deeply appreciate it. Any research we perform will posted directly back to
the list(s) for public consumption.

VP Engineering
SecurityFocus
"Vae Victis"


Looks like exploits are just starting to hit the wild.

Thanks,

Ron DuFresne

On Thu, 6 Sep 2001, Alex Pearsall wrote:

> On 2001.09.05 19:15 fintler wrote:
> 
> Actually, I know its not nesscarily kosher, but I would like to know if
> there is a exploit.  Here at work, we have a couple sun boxes, and from
> what i've seen, it doesnt look like there is one.  Bvut I'd like to know,
> either way.  
> 
> I'm not a script kiddie, or a cracker.  I'm just a UNIX admin that wants to
> test how severe the problem is.
> Thank you for any help!
> 
> -- 
> --------------------------------
> Alex Pearsall   ESPN UNIX Admin   
>      alex.pearsallat_private
>      rebelpacketat_private
>       Office: 860-766-7265
>       Mobile: 860-798-6481
> --------------------------------
> 
> 
> > 
> > --- Labkonto <ppht-15at_private> wrote:
> > > Anyone here that developed an exploit
> > > for the Telnetd buffer overflow on solaris,
> > > or know where to get one?
> > > 
> > > 
> > > // pp
> > > 
> > 
> > Now why would you possible want something like that...if you were an
> > admin, you'd just patch your
> > box and forget it. I can only assume you're trying to get into someone
> > elses box, what makes you
> > think I'm going to give you a script so you can get someone fired from
> > their job because you felt
> > like being an 3r3ct skr1pt k1ddi3.
> > 
> > -fintler <fintlerat_private>
> > 
> > __________________________________________________
> > Do You Yahoo!?
> > Get email alerts & NEW webcam video instant messaging with Yahoo!
> > Messenger
> > http://im.yahoo.com
> > 
> 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
	***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.

Next message: .MetsyS.: "Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"
Previous message: .MetsyS.: "Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"
In reply to: Alex Pearsall: "Re: Telnetd exploit for solaris"
Next in thread: sween: "Re: Telnetd exploit for solaris"
Next in thread: lazy: "Re: Telnetd exploit for solaris"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Sep 06 2001 - 15:42:49 PDT