Home page logo

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] Linux
From: "Dunker, Noah" <NDunker () FISHNETSECURITY COM>
Date: Tue, 7 Nov 2000 18:06:33 -0600

Stock Red Hat 6.2 with no patches?

I've had some luck with the following:

The Dump and Restore vulnerabilities (local):

The SUIDPERL / Mailx mess (local):

The rpc.statd REMOTE ROOT:
(url not available, I have the source though.)  I think it
was called "statdx2.c" and it was on www.hack.co.za, which is
down right now.  Maybe find an up-to-date mirror, if exists?

these are all lame script-kiddie exploits that
are still actively being used.  Anyone who keeps up on
their patches will have fixed all of these.

--Noah dunker

-----Original Message-----
From: Adassovsky Michel [mailto:manahune () YAHOO COM]
Sent: Tuesday, November 07, 2000 1:42 PM
Subject: Linux


I am doing a penetration test for a customer of us.
I have obtained user acces on a RedHat 6.2 box.
Can someone tell me how can I now gain root access, or
if you know any links giving exploits to gain root

Thank you

Michel - FRANCE

Do You Yahoo!?
Thousands of Stores.  Millions of Products.  All in one Place.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]