mailing list archives
Re: Remote Root Exploit for Redhat 7.0
From: Max Vision <vision () WHITEHATS COM>
Date: Tue, 2 Jan 2001 09:51:11 -0800
Hi, since this was cross-posted to vuln-dev and Bugtraq I think the wider
audience should know the facts...
---------- Forwarded message ----------
Date: Sat, 30 Dec 2000 12:58:07 -0800 (PST)
From: Max Vision <vision () whitehats com>
To: "kry_cek () libero it" <kry_cek () LIBERO IT>
Cc: VULN-DEV () SECURITYFOCUS COM
Subject: Re: Remote Root Exploit for Redhat 7.0
Ew. When you diff the source, it is apparent that this is a plagiarized
exploit that was actually written by DiGiT of security.is (which I saw
posted to their website December 8th!)
Not only that, but this was discussed publicly in September, then
fixed by Redhat in early October. Redhat even went so far as to
change the 7.0 ISO image to include the fixed LPRng package Oct 11th,
so many recent default installations are not affected. Affected users
that used the old ISO images can still download the RPM updates.
On Sat, 30 Dec 2000, kry_cek () libero it wrote:
This exploit compromises a Redhat 7.0 box and allows one to gain root..
It is very dangerous.. please RedHat.com release a patch!!
This expl takes advantage of Lpd.
To download this expl., look at www.netcat.it/download/SEClpd.c
Thx To All
Staff of www.netcat.it