-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
also do bad things to anus >There is also the one where a guy with a stick sneaks up behind > you and hits you on the head then does bad things to your system. Watch out for this >one. :) > >Ray > >-----Original Message----- >From: segfault >Sent: Wednesday, September 11, 2002 12:48 PM >To: [EMAIL PROTECTED] >Subject: [Full-Disclosure] IMPORTANT SECURITY ADVISORY PLEASE R >EAD! > > > > V4GU3-Disclosure > http://www.imprettysure.com > > !Security Advisory! > > Advisory Name: This could be bad. > > Application: A widely used daemon. > > Platform: A widely used platform. > > Date: 9.11.02 > > Severity: We speculate attacker could potentially do very bad >things > to you're machine if you do not immediately download the > security patch from a website we're not sure exists. > > Overview: This service listens on a port and waits for a conne >ction > from a client, then the service retrieves authentication > information from the client. Once authenticated, the client > > can use the service. > > Description: Exploitation of a bug in this service could give >an attacker > ROOT level access to an unpatched machine. We're pretty sur >e > the bug is a buffer overflow somewhere, but we know for > certain it is exploitable, and is very dangerous. > > Exploit: /* exploit.c by V4GU3-Disclosure staff. > > This program must be run for the exploit to work. > > Suggested arguments are: +vxz 49 > > Make sure you are ROOT when you run this! > > */ > > #include <stdio.h> > #include <somethingimportant.h> > #include <ifyoudontincludethisitwontwork.h> > #include <rootkit.h> > > int main() > { > printf("FUCKING OWNED!") > return(0); > } > > >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.netsys.com/full-disclosure-charter.html > -----BEGIN PGP SIGNATURE----- Version: Hush 2.1 Note: This signature can be verified at https://www.hushtools.com wlgEARECABgFAj1/r6ARHGdvYmJsZXNAaHVzaC5jb20ACgkQpmwDHEAx56tGTwCfdjpG HzgtTlTU5VW8L8JiLADBXOQAoJpWXFmK82PW36kpOpk5m+i6bIoB =jdhx -----END PGP SIGNATURE----- Get your free encrypted email at https://www.hushmail.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html