Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] Linux
From: "Dunker, Noah" <NDunker () FISHNETSECURITY COM>
Date: Tue, 7 Nov 2000 18:06:33 -0600

Stock Red Hat 6.2 with no patches?

I've had some luck with the following:

The Dump and Restore vulnerabilities (local):
http://packetstorm.securify.com/0011-exploits/dump.sh

The SUIDPERL / Mailx mess (local):
http://packetstorm.securify.com/0008-exploits/suidperlhack.pl

The rpc.statd REMOTE ROOT:
(url not available, I have the source though.)  I think it
was called "statdx2.c" and it was on www.hack.co.za, which is
down right now.  Maybe find an up-to-date mirror, if exists?

these are all lame script-kiddie exploits that
are still actively being used.  Anyone who keeps up on
their patches will have fixed all of these.

--Noah dunker



-----Original Message-----
From: Adassovsky Michel [mailto:manahune () YAHOO COM]
Sent: Tuesday, November 07, 2000 1:42 PM
To: PEN-TEST () SECURITYFOCUS COM
Subject: Linux


Hello,

I am doing a penetration test for a customer of us.
I have obtained user acces on a RedHat 6.2 box.
Can someone tell me how can I now gain root access, or
if you know any links giving exploits to gain root
acces...

Thank you


Michel - FRANCE

__________________________________________________
Do You Yahoo!?
Thousands of Stores.  Millions of Products.  All in one Place.
http://shopping.yahoo.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault