Date: Mon, 17 Jan 2000 22:19:28 -0500 (EST) From: Spidey <beaupran@iro.umontreal.ca> To: Omachonu Ogali <oogali@intranova.net> Cc: Alexander Langer <alex@big.endian.de>, Jonathan Fortin <jonf@revelex.com>, freebsd-security@FreeBSD.ORG Subject: Re: sh? Message-ID: <14467.56256.337327.619067@anarcat.dyndns.org> References: <20000117165325.C5975@cichlids.cichlids.com> <Pine.BSF.4.10.10001171427030.92711-100000@hydrant.intranova.net>
next in thread | previous in thread | raw e-mail | index | archive | help
These exploits can generally be trivially modified to use another shell. And anyways, once sh is launched and it's not supposed to (read: root shell), it's generally too late.. :)) The AnarCat --- Big Brother told Omachonu Ogali to write, at 14:28 of January 17: > On all systems. > > Take a look at some shellcode in the most recent exploits, they either > bind /bin/sh to a port via inetd or execute some program using /bin/sh. > > Omachonu Ogali > Intranova Networking Group > > On Mon, 17 Jan 2000, Alexander Langer wrote: > > > Thus spake Omachonu Ogali (oogali@intranova.net): > > > > > Most of the exploits out there use /bin/sh to launch attacks. > > > > On FreeBSD? > > > > Alex > > > > -- > > I doubt, therefore I might be. > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message -- Si l'image donne l'illusion de savoir C'est que l'adage pretend que pour croire, L'important ne serait que de voir Lofofora To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?14467.56256.337327.619067>