|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: sadmind hack?
From: Fyodor (fygrave
SCORPIONS.NET)Date: Sun Apr 16 2000 - 22:17:49 CDT
- Next message: Erick Brockway: "Weird Ping requests"
- Previous message: Joe McAlerney: "Re: Weird Ports on NT box"
- In reply to: Robert Graham: "Re: sadmind hack?"
- Next in thread: Labu Labi: "Re: sadmind hack?"
- Reply: Fyodor: "Re: sadmind hack?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> samind is certainly vulnerable on unpatched Solaris 2.6 machines.
same goes to solaris2.7. the original `public' exploit needs to be
improved a little bit to get it working though.
> system. Therefore, you often see multiple attempts in a row. Also, the
> service restarts automatically from inetd, so crashing a single instance
> doesn't stop the others from running.
>
actually if bruteforcing stack/fp address goes too fast, inetd will
disable the service for a while, but one second delay between attempts is
usually enuff to avoid this.
- Next message: Erick Brockway: "Weird Ping requests"
- Previous message: Joe McAlerney: "Re: Weird Ports on NT box"
- In reply to: Robert Graham: "Re: sadmind hack?"
- Next in thread: Labu Labi: "Re: sadmind hack?"
- Reply: Fyodor: "Re: sadmind hack?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]