[ntp:hackers] re: 0day for ntp -- standing down

Paul Vixie paul at vix.com
Tue Jan 10 23:09:06 UTC 2006


------- Forwarded Message

X-Account-Key: account4
Date: Tue, 10 Jan 2006 20:39:49 +0100
From: Przemyslaw Frasunek <venglin at freebsd.lublin.pl>
Organization: czuby.net
User-Agent: Mozilla Thunderbird 1.0.7 (Windows/20050923)
To: full-disclosure at lists.grok.org.uk
Subject: Re: [Full-disclosure] ntpd stack evasion exploit
X-Virus-Scanned: ClamAV 0.87.1/1237/Tue Jan 10 16:53:20 2006 on
X-Virus-Status: Clean
Sender: full-disclosure-bounces at lists.grok.org.uk

!bSt bitwarz Security Team napisał(a):
> /* ntpd remote root no-exec stack evasion spl0it
>  * by m0sk0v

well... stolen code from my exploit (and advisory) published almost five
years ago on bugtraq. only comments and printfs where changed.


* Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NICHDL: PMF9-RIPE *
* JID: venglin at jabber.atman.pl ** PGP ID: 2578FCAD ** HAM-RADIO: SQ8JIV *
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


More information about the hackers mailing list