From owner-freebsd-security Thu Jul 26 15: 5:35 2001 Delivered-To: freebsd-security@freebsd.org Received: from obsecurity.dyndns.org (adsl-64-169-104-149.dsl.lsan03.pacbell.net [64.169.104.149]) by hub.freebsd.org (Postfix) with ESMTP id 928F837B403 for ; Thu, 26 Jul 2001 15:05:31 -0700 (PDT) (envelope-from kris@obsecurity.org) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id 620D56722B; Thu, 26 Jul 2001 15:05:30 -0700 (PDT) Date: Thu, 26 Jul 2001 15:05:29 -0700 From: Kris Kennaway To: jianzhong ren Cc: kris@obsecurity.org, FreeBSD Security Subject: Re: some new exploit is out Message-ID: <20010726150529.A82158@xor.obsecurity.org> References: <20010726220033.19129.qmail@linuxmail.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="r5Pyd7+fXNt84Ff3" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010726220033.19129.qmail@linuxmail.org>; from jian@linuxmail.org on Fri, Jul 27, 2001 at 06:00:33AM +0800 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --r5Pyd7+fXNt84Ff3 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Jul 27, 2001 at 06:00:33AM +0800, jianzhong ren wrote: >=20 > -----Original Message----- > From: Kris Kennaway <kris@obsecurity.org> > Date: Thu, 26 Jul 2001 14:52:58 -0700 > To: jianzhong ren <jian@linuxmail.org> > Subject: Re: some new exploit is out >=20 >=20 > > On Fri, Jul 27, 2001 at 05:46:41AM +0800, jianzhong ren wrote: > >=20 > > > i know that pacth for telnet is out too, but is there any new p= atch > > > for shared signals vulnerability > >=20 > > Yes, a while ago. You do read advisories, right? > >=20 > > > adn portbinding shellcode? > >=20 > > What's this one? > >=20 > > Kris >=20 > and this http://www.hack.co.za/download.php?sid=3D1445 for setreuid(0,0) = execve /bin/sh shellcode(29 bytes) > >=20 Oh, I see..you're talking about examples of shellcode, not FreeBSD vulnerabilities. That has little to no relevance to anyone on this list unless you're a script kiddie. Kris --r5Pyd7+fXNt84Ff3 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7YJQoWry0BWjoQKURApFRAKCRm8WL2Sm9gfQqWufMAdK7SRLXqwCgkDk6 MdarP6lAiuUX0rVY2IiIIC0= =XI9a -----END PGP SIGNATURE----- --r5Pyd7+fXNt84Ff3-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message