Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] Linux
From: Riley Hassell <riley () SPEAKEASY NET>
Date: Tue, 7 Nov 2000 18:56:27 -0800

local:
restore
suidperl !
glibc !
traceroute !
syslog format string bugs

remote:
rpc.statd -> statdx
wuftpd  -> wuftpd-god.c !
GNORBA unreleased
xfs



Or type "redhat 6.2" in a search engine. ;)


Riley Hassell
Network Security Consultant
riley () speakeasy org



On Tue, 7 Nov 2000, Dunker, Noah wrote:

Stock Red Hat 6.2 with no patches?

I've had some luck with the following:

The Dump and Restore vulnerabilities (local):
http://packetstorm.securify.com/0011-exploits/dump.sh

The SUIDPERL / Mailx mess (local):
http://packetstorm.securify.com/0008-exploits/suidperlhack.pl

The rpc.statd REMOTE ROOT:
(url not available, I have the source though.)  I think it
was called "statdx2.c" and it was on www.hack.co.za, which is
down right now.  Maybe find an up-to-date mirror, if exists?

these are all lame script-kiddie exploits that
are still actively being used.  Anyone who keeps up on
their patches will have fixed all of these.

--Noah dunker



-----Original Message-----
From: Adassovsky Michel [mailto:manahune () YAHOO COM]
Sent: Tuesday, November 07, 2000 1:42 PM
To: PEN-TEST () SECURITYFOCUS COM
Subject: Linux


Hello,

I am doing a penetration test for a customer of us.
I have obtained user acces on a RedHat 6.2 box.
Can someone tell me how can I now gain root access, or
if you know any links giving exploits to gain root
acces...

Thank you


Michel - FRANCE

__________________________________________________
Do You Yahoo!?
Thousands of Stores.  Millions of Products.  All in one Place.
http://shopping.yahoo.com/



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault