Date: Wed, 04 Nov 1998 11:21:32 -0200 From: =?iso-8859-1?Q?Teleinform=E1tica?= <agora@uol.com.br> To: FreeBSD Security <freebsd-security@FreeBSD.ORG> Cc: Cristiano Colpani <colpani@furb.rct-sc.br>, Guilherme Galileo Cox <cox@ibrati.com.br>, "Nilson R. A. de Brito" <niusin@montreal.com.br> Subject: [Fwd: SSHD Exploit] Message-ID: <364054DC.DF96B116@agoractvm.com.br>
next in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format. --------------0025AF466B75829A90012340 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit -- Regards, _______________________ | Nelson 'Stderr' Brito |_________________________________ |_________________________________________________________| |Finger Print: | A2E0 D90E 413A 515A 10C9 C0CE 4855 D523 | | E-mail: | nelson@cyberspace.org | | URL: | http://www.angelfire.com/sd/stderr | | Public key: | See the URL | |______________|__________________________________________| |ooooooooooooooooooooooooooooooooooooooooooooooooooooooooo| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ --------------0025AF466B75829A90012340 Content-Type: message/rfc822 Content-Transfer-Encoding: 7bit Content-Disposition: inline Received: by pascal (mbox agora) (with Cubic Circle's cucipop (v1.22 1998/04/11) Wed Nov 4 09:24:47 1998) X-From_: root Wed Nov 4 01:08:10 1998 Received: from brimstone.netspace.org (brimstone.netspace.org [128.148.157.143]) by pascal.uol.com.br (8.9.1/8.9.1) with ESMTP id BAA12002; Wed, 4 Nov 1998 01:08:03 -0200 (EDT) Received: from netspace.org ([128.148.157.6]:54856 "EHLO netspace.org" ident: "TIMEDOUT2") by brimstone.netspace.org with ESMTP id <77774-27536>; Tue, 3 Nov 1998 21:37:34 -0500 Received: from NETSPACE.ORG by NETSPACE.ORG (LISTSERV-TCP/IP release 1.8c) with spool id 4569238 for BUGTRAQ@NETSPACE.ORG; Tue, 3 Nov 1998 21:30:42 -0500 Approved-By: aleph1@DFW.NET Received: from gti.net (apollo.gti.net [199.171.27.7]) by netspace.org (8.8.7/8.8.7) with ESMTP id RAA18872 for <BUGTRAQ@NETSPACE.ORG>; Sun, 1 Nov 1998 17:05:06 -0500 Received: from localhost (jfoutts@localhost) by gti.net (8.9.1/8.8.8) with ESMTP id RAA24814 for <BUGTRAQ@NETSPACE.ORG>; Sun, 1 Nov 1998 17:05:07 -0500 (EST) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Message-ID: <Pine.GSO.4.04.9811011657440.24326-100000@apollo.gti.net> Date: Sun, 1 Nov 1998 17:05:07 -0500 Reply-To: Justin Foutts <jfoutts@APOLLO.GTI.NET> Sender: Bugtraq List <BUGTRAQ@netspace.org> From: Justin Foutts <jfoutts@APOLLO.GTI.NET> Subject: SSHD Exploit To: BUGTRAQ@netspace.org X-Mozilla-Status2: 00000000 On a system I administer I found a program named sshdwarez.c in one of my user's home directories. Upon further inspection I found that this was the source code of an x86/Linux remote buffer overflow exploit for sshd versions 1.2.26 and below. I have tested this exploit on a number of my systems and have obtained remote root access on each one. I will not post this exploit as it could give crackers a tool to gain unauthorized access to systems. I STRONGLY recommend that everyone upgrade their versions of sshd as soon as possible. Thanks! Justin --------------0025AF466B75829A90012340-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?364054DC.DF96B116>