On Fri, 27 Aug 2004, andreas@inferno.nadir.org wrote:
> Richard,
>
> if you have another spare box, just install it like the first one
> and try all the exploits you got from the intruder.
> You have most likely a complete history file, so where's the problem?
> Remember, one of these binaries seems to be infected with RST, so erase
> that box afterwards..;)
> After that we hopefully can get rid of this thread...
I have checked today dist-upgraded debian sarge, with *default* kernel
(2.4.18-bf2.4), and it is still *vulnerable* to do_brk, kmod, and
ptrace exploits.
This kernel seems to be *not* patched since 2002.
-- ..... Robert Jaroszuk - zim iq pl - [ IQ PL Sp. z o.o. ] ..... GCS/IT/O d? s: a-- C++ ULB++++$ P+ L++++$ E--- W- K- N+ DI+ V- w M- PS+ PE Y(+) PGP-(+++) t-- 5? X- R tv-- b++>++++ D- y+ G++ .. http://zim.iq.pl/ . RJ735-RIPE . http://zim.iq.pl/photo/ .. ... The superior warrior wins without fighting -- Sun Tzu. ... _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.htmlReceived on Fri Aug 27 19:09:21 2004
This archive was generated by hypermail 2.1.8 : Fri Aug 27 2004 - 20:06:24 EDT