[ntp:hackers] re: 0day for ntp -- standing down

Paul Vixie paul at vix.com
Tue Jan 10 23:09:06 UTC 2006


re:

------- Forwarded Message

X-Account-Key: account4
Date: Tue, 10 Jan 2006 20:39:49 +0100
From: Przemyslaw Frasunek <venglin at freebsd.lublin.pl>
Organization: czuby.net
User-Agent: Mozilla Thunderbird 1.0.7 (Windows/20050923)
To: full-disclosure at lists.grok.org.uk
Subject: Re: [Full-disclosure] ntpd stack evasion exploit
X-Enigmail-Version: 0.93.0.0
X-Virus-Scanned: ClamAV 0.87.1/1237/Tue Jan 10 16:53:20 2006 on
	mailhost.freebsd.lublin.pl
X-Virus-Status: Clean
Sender: full-disclosure-bounces at lists.grok.org.uk

!bSt bitwarz Security Team napisał(a):
> /* ntpd remote root no-exec stack evasion spl0it
>  * by m0sk0v

well... stolen code from my exploit (and advisory) published almost five
years ago on bugtraq. only comments and printfs where changed.

http://marc.theaimsgroup.com/?l=bugtraq&m=98642418618512&w=2

-- 
* Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NICHDL: PMF9-RIPE *
* JID: venglin at jabber.atman.pl ** PGP ID: 2578FCAD ** HAM-RADIO: SQ8JIV *
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


--------


More information about the hackers mailing list