From owner-freebsd-bugs Sun Sep 22 2:53: 6 2002 Delivered-To: freebsd-bugs@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3B97C37B401 for ; Sun, 22 Sep 2002 02:53:05 -0700 (PDT) Received: from web.info.uvt.ro (web.info.uvt.ro [194.102.62.5]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6429543E65 for ; Sun, 22 Sep 2002 02:53:03 -0700 (PDT) (envelope-from cizbasa@info.uvt.ro) Received: (from nobody@localhost) by web.info.uvt.ro (8.11.4/8.11.4) id g8MCpsE02575; Sun, 22 Sep 2002 15:51:54 +0300 X-Authentication-Warning: web.info.uvt.ro: nobody set sender to cizbasa@info.uvt.ro using -f Received: from 213.154.157.188 (SquirrelMail authenticated user cizbasa) by web.info.uvt.ro with HTTP; Sun, 22 Sep 2002 15:51:54 +0300 (EEST) Message-ID: <33475.213.154.157.188.1032699114.squirrel@web.info.uvt.ro> Date: Sun, 22 Sep 2002 15:51:54 +0300 (EEST) Subject: *BSD remote kernel-level (TCP/IP stack) vulnerability! - ABFrag.c From: To: X-Priority: 1 Importance: High X-MSMail-Priority: High X-Mailer: SquirrelMail (version 1.2.7) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello, First of all this is hear-say, but being from a reliable source (imho), here it is: There supposedly is an exploit named ABFrag.c in the wild that affects the TCP/IP stack on *BSD systems, providing remote root shell to the attacker. The system of someone that I know has been rooted using it (he was pasted some lines from his /etc/shadow as proof). Good luck, Cornel Izbasa To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message