--On Tuesday, July 22, 2008 09:35:03 +0200 Lucio Crusca <[EMAIL PROTECTED]> wrote:
> Alex Howells wrote: > >> Probably not and I can't think anyone hiding a 0-day is going to >> release it for this. Sorry. > No 0-day needed here, Lenny does not have security updates, so all I need is > some PoC code already released in the last few months... > > Paul Schmehl wrote: >> Ask the hosting company > It's a firewalled LAN machine that had the VNC port open for a while, but > it's not hosted by a provider, my customer has it under its desk (yes, ok, > it's not really mine, but my customer doesn't even know what a computer > is). I can access it now with ssh through a tunnel, that's all I have. > So call your customer up and walk him through rebooting, going into single user mode and changing the password. -- Paul Schmehl As if it wasn't already obvious, my opinions are my own and not those of my employer. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/