RE: [Dailydave] Microsoft letdown day

From: Altheide, Cory B. (IARC) (AltheideCnv.doe.gov)
Date: Wed Jan 12 2005 - 11:25:41 CST


The thing I wonder about is how these loose definitions of "Remote" and
"Vulnerability" would have changed the outcome of the "qmail security
challenge".

http://web.infoave.net/~dsill/dave/qmail/qmail-challenge.html

I can send the administrator an email THROUGH QMAIL telling him to set up a
UID 0 account for me, BAM! REMOTE ROOT.

-- Cory

> -----Original Message-----
> From: dailydave-bounceslists.immunitysec.com
> [mailto:dailydave-bounceslists.immunitysec.com] On Behalf Of
> Aleksander P. Czarnowski
> Sent: Wednesday, January 12, 2005 8:35 AM
> To: dailydave
> Subject: RE: [Dailydave] Microsoft letdown day
>
>
> We're living in a strange world. Since the DJB students' advisory
> I am scared of running nasm - good thing I am using masm32 on
> a Windows system - DJB and his students can't get me remotely
> any time soon ;-) However, one remote thing happened - a lot
> more people now know about DJB's security mailing list. He's
> an advertising genius.
>
> Now I wonder how this bug will influence OpenBSD "Only one
> remote hole in the default install, in more than 8 years!" slogan:
>
> 010: RELIABILITY FIX: January 10, 2005
> A bug in the tcp(4) stack allows an invalid argument to be
> used in calculating the TCP retransmit timeout. By sending
> packets with specific values in the TCP timestamp option, an
> attacker can cause a system panic.
>
> After all, you can have a remote vulnerability even after you disable
> (almost) every service (knowing how buggy those services plus
> the kernel are).
>
> Just my 2 cents,
> Cheers,
> Alex Czarnowski
> AVET INS
