Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Sendmail exploit released???
From: <zero_latency () hushmail com>
Date: 7 Mar 2003 22:26:09 -0000

In-Reply-To: <20030305194707.15514.qmail () www securityfocus com>

in reference to the cworld article, i would say some1 is kinda confused 
around here.....:)

The "russian hacker web site" is actually www.security.nnov.ru, a well 
known infosec news and advisory site, not in the business of "producing" 
exploits for the mass.

They actually made public the advisory from LDS (i would try to confuse a 
polish guy with a russian one ;) 
http://www.security.nnov.ru/search/news.asp?binid=2630

On my opinion, all this rumors surondin the famous sendmail exploit, are 
not meant to aware and alert ppl about risk but to actually misinform them 
and produce terror (and the involved "necesary?"investment on trying 
to "fix this")

i also was truly surprised after reading the comments form ppl like 
Ingevaldson from x-force ensuring "analysis of the code shows that it 
works" or Eric Allman saying "...there are other variables that are not 
pointers that have security implications; finding one of them within range 
will be more difficult, but probably not impossible..." (without specify 
what kind of risk he founds behind this).

The kind of comments that provide companies subjective risk indications, 
are just a tool against ppl trying to be serious about risk management 
security investment.


Received: (qmail 19838 invoked from network); 5 Mar 2003 20:19:16 -0000
Received: from outgoing3.securityfocus.com (205.206.231.27)
 by mail.securityfocus.com with SMTP; 5 Mar 2003 20:19:16 -0000
Received: from lists.securityfocus.com (lists.securityfocus.com 
[205.206.231.19])
      by outgoing3.securityfocus.com (Postfix) with QMQP
      id 48EAAA30A4; Wed,  5 Mar 2003 13:17:45 -0700 (MST)
Mailing-List: contact bugtraq-help () securityfocus com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq () securityfocus com>
List-Help: <mailto:bugtraq-help () securityfocus com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe () securityfocus com>
List-Subscribe: <mailto:bugtraq-subscribe () securityfocus com>
Delivered-To: mailing list bugtraq () securityfocus com
Delivered-To: moderator for bugtraq () securityfocus com
Received: (qmail 25559 invoked from network); 5 Mar 2003 19:39:05 -0000
Date: 5 Mar 2003 19:47:07 -0000
Message-ID: <20030305194707.15514.qmail () www securityfocus com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
X-Mailer: MIME-tools 5.411 (Entity 5.404)
From: Kryptik Logik <kryptiklogik () hushmail com>
To: bugtraq () securityfocus com
Subject: Sendmail exploit released???



Folks:

Refer to this article in ComputerWorld 
http://www.computerworld.com/securitytopics/security/holes/story/0,10801,7
9
021,00.html about some Russian Hacker site releasing Sendmail exploit 
code. Is it any different than the LSD exploit code or is is a "security-
guru-security-know-all" reporters mistake?!

The reason this caught my attention is that they say that the exploit has 
been tested only on Slackware Linux 8.0 dist just like LSD advisory says 

This article claims that the Russian hackers wrote it and released it on 
the web first... which kinda irks me off :(

<quote from the article>
... "self-proclaimed security experts located in Nizhny Novgorod, Russia, 
actually produced the exploit and posted it on the Web"
<unquote>

Can anybody confirm/deny this?

# klogik



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]