[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] ntpd stack evasion exploit

To: Przemyslaw Frasunek <venglin@xxxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] ntpd stack evasion exploit
From: "ad@xxxxxxxxxxxxxxxx" <ad@xxxxxxxxxxxxxxxx>
Date: Tue, 10 Jan 2006 23:32:31 +0100

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
this is soooo lol , nice lookup Przemyslaw

Przemyslaw Frasunek wrote:
> !bSt bitwarz Security Team napisaÅ(a):
>> /* ntpd remote root no-exec stack evasion spl0it * by m0sk0v
>
> well... stolen code from my exploit (and advisory) published almost
> five years ago on bugtraq. only comments and printfs where changed.
>
>
> http://marc.theaimsgroup.com/?l=bugtraq&m=98642418618512&w=2
>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
 
iQIVAwUBQ8Q1/6+LRXunxpxfAQJS8w//RYiT1Z69YY2xruixzpjtc1GOD10YAcgH
lO2+LAy3K/TtxnjuryHjiY83epo7HtUSvFp2iRGUaNqdGCnND6wLPZ7QYDuy8pX9
iwdqMch3P2qOscJ94PqF/jyFtVz0zx+3d9uER1L+uKZWa/QKTxEHDcvXRoCBPk4x
cuc8hsjg/GteG/Ti28Ot6mMCae7FZGi6luHjFISI+Mww5Ps1QdGO2s7rK2OozuyL
Sx6syB6r4cAvtGT/uIjirG+4eC+DwAKJbGAY5Kv6k5TqXeN6QSJes5oD5Jy9r/LV
/irxGYHIiV2Rrap4ajEm3SCzRIv3yimpiGAbCN20ifNmpNlMwNI4UnwUGX+HOQDs
WS4hbPfUYYOvqWTSioOimeaFlH6anw+7JPc9hn+OhRCsN+GrG1ielJMlFnnx+yxh
L7WgyhRgtFTb1AG95gQBo1kOMYyCPRrxI/3+xPSAMzKaPKyUEOPEQkL1o4xTnvvp
6mJfY/KvzDcjChzzAtvPGuV0ITbtrcbf/cOP2S3LuNsJoOLJA9cCuXqfSUq+tgPG
kQ5XuQDt63SaDj/gtoj6lbrswprwGp7pWyw6Ezfakq8XlABuWXj+uN+0q2QSBIpN
Zz7ccKBkaxEe1+J2H2e02GAC3tHxOxSzCHoQRoDBDePyQqlF9Uo5jPxN725V5NCM
UWXxBYp4RG4=
=UyN2
-----END PGP SIGNATURE-----


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] ntpd stack evasion exploit
  - From: Sean Crawford

References:
- [Full-disclosure] ntpd stack evasion exploit
  - From: !bSt bitwarz Security Team
- Re: [Full-disclosure] ntpd stack evasion exploit
  - From: Przemyslaw Frasunek

Prev by Date: Re: [Full-disclosure] How to Determine My System Vulnerabilities
Next by Date: [Full-disclosure] [FLSA-2006:167803] Updated mysql packages fix security issues
Previous by thread: Re: [Full-disclosure] ntpd stack evasion exploit
Next by thread: Re: [Full-disclosure] ntpd stack evasion exploit
Index(es):
- Date
- Thread