From owner-freebsd-security Wed Nov 4 05:26:02 1998
Message-ID: <364054DC.DF96B116@agoractvm.com.br>
Date: Wed, 04 Nov 1998 11:21:32 -0200
From: Teleinformática
Reply-To: agora@uol.com.br
Organization: ÁGORA C.T.V.M. S/A
To: FreeBSD Security
CC: Cristiano Colpani, Guilherme Galileo Cox, "Nilson R. A. de Brito"
Subject: [Fwd: SSHD Exploit]
Sender: owner-freebsd-security@FreeBSD.ORG

--
Regards,
Nelson 'Stderr' Brito
Finger Print: A2E0 D90E 413A 515A 10C9 C0CE 4855 D523
E-mail: nelson@cyberspace.org
URL: http://www.angelfire.com/sd/stderr
Public key: See the URL

Approved-By: aleph1@DFW.NET
Date: Sun, 1 Nov 1998 17:05:07 -0500
Reply-To: Justin Foutts
Sender: Bugtraq List
From: Justin Foutts
Subject: SSHD Exploit
To: BUGTRAQ@netspace.org

On a system I administer I found a program named sshdwarez.c in one of my user's home directories. Upon further inspection I found that this was the source code of an x86/Linux remote buffer overflow exploit for sshd versions 1.2.26 and below. I have tested this exploit on a number of my systems and have obtained remote root access on each one.

I will not post this exploit as it could give crackers a tool to gain unauthorized access to systems.

I STRONGLY recommend that everyone upgrade their versions of sshd as soon as possible.

Thanks!
Justin