y the same executable. Note that EIP is overwritten and remote
access can be gained.
The newest version, version 3.1.3 of the software is not vulnerable. All
users of
version 2.3.1 of the software should upgrade as v2.3.1 and other older
versions are no longer supported
by the vendor.
-Steven
- Original Message -
From: Marc Esipovich <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, December 22, 1999 3:20 AM
Subject: Re: Announcement: Solaris loadable kernel module backdoor
> > With the proliferation of these types of backdoors, is there any way to
> > prevent your
Update:
Imail V6.0 is still vulnerable to this problem. Happy Holidays everyone.
-steven
P.S. Someone tell santa I want a new video card for Christmas.
rogram is, I am disassembling it now and will post again
later. The header from the message I received indicates that the mail was
received by my mail server from "stu.chesapeake.net, 205.130.220.9". If
anyone knows anything more please email me.
-steven alexander
[EMAIL PROTECTED] I will post a dissasembly of both files on my website
http://www.cell2000.net/security/
-steven alexander
e reading, perhaps they should consider MD5 or another hash
algorithm.
-steven
- Original Message -
From: Mikael Olsson <[EMAIL PROTECTED]>
To: Steven Alexander <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Wednesday, December 22, 1999 1:27 PM
Subject: Re: [w00gi
Ipswitch doesn't seem to get the point. This scheme is is only slightly
different than their old one(for version 4.X) which I released an advisory
about many months ago.
-steven
- Original Message -
From: Matt Conover <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, December 20