BugTraq
Back to list
|
Post reply
Re: Sendmail exploit released???
Mar 07 2003 10:26PM
zero_latency hushmail com
In-Reply-To: <20030305194707.15514.qmail (at) www.securityfocus (dot) com [email concealed]>
in reference to the cworld article, i would say some1 is kinda confused
around here.....:)
The "russian hacker web site" is actually www.security.nnov.ru, a well
known infosec news and advisory site, not in the business of "producing"
exploits for the mass.
They actually made public the advisory from LDS (i would try to confuse a
polish guy with a russian one ;)
http://www.security.nnov.ru/search/news.asp?binid=2630
On my opinion, all this rumors surondin the famous sendmail exploit, are
not meant to aware and alert ppl about risk but to actually misinform them
and produce terror (and the involved "necesary?"investment on trying
to "fix this")
i also was truly surprised after reading the comments form ppl like
Ingevaldson from x-force ensuring "analysis of the code shows that it
works" or Eric Allman saying "...there are other variables that are not
pointers that have security implications; finding one of them within range
will be more difficult, but probably not impossible..." (without specify
what kind of risk he founds behind this).
The kind of comments that provide companies subjective risk indications,
are just a tool against ppl trying to be serious about risk management
security investment.
>Received: (qmail 19838 invoked from network); 5 Mar 2003 20:19:16 -0000
>Received: from outgoing3.securityfocus.com (205.206.231.27)
> by mail.securityfocus.com with SMTP; 5 Mar 2003 20:19:16 -0000
>Received: from lists.securityfocus.com (lists.securityfocus.com
[205.206.231.19])
> by outgoing3.securityfocus.com (Postfix) with QMQP
> id 48EAAA30A4; Wed, 5 Mar 2003 13:17:45 -0700 (MST)
>Mailing-List: contact bugtraq-help (at) securityfocus (dot) com [email concealed]; run by ezmlm
>Precedence: bulk
>List-Id: <bugtraq.list-id.securityfocus.com>
>List-Post: <mailto:bugtraq (at) securityfocus (dot) com [email concealed]>
>List-Help: <mailto:bugtraq-help (at) securityfocus (dot) com [email concealed]>
>List-Unsubscribe: <mailto:bugtraq-unsubscribe (at) securityfocus (dot) com [email concealed]>
>List-Subscribe: <mailto:bugtraq-subscribe (at) securityfocus (dot) com [email concealed]>
>Delivered-To: mailing list bugtraq (at) securityfocus (dot) com [email concealed]
>Delivered-To: moderator for bugtraq (at) securityfocus (dot) com [email concealed]
>Received: (qmail 25559 invoked from network); 5 Mar 2003 19:39:05 -0000
>Date: 5 Mar 2003 19:47:07 -0000
>Message-ID: <20030305194707.15514.qmail (at) www.securityfocus (dot) com [email concealed]>
>Content-Type: text/plain
>Content-Disposition: inline
>Content-Transfer-Encoding: binary
>MIME-Version: 1.0
>X-Mailer: MIME-tools 5.411 (Entity 5.404)
>From: Kryptik Logik <kryptiklogik (at) hushmail (dot) com [email concealed]>
>To: bugtraq (at) securityfocus (dot) com [email concealed]
>Subject: Sendmail exploit released???
>
>
>
>Folks:
>
>Refer to this article in ComputerWorld
>http://www.computerworld.com/securitytopics/security/holes/story/0,1080
1,7
9
>021,00.html about some Russian Hacker site releasing Sendmail exploit
>code. Is it any different than the LSD exploit code or is is a "security-
>guru-security-know-all" reporters mistake?!
>
>The reason this caught my attention is that they say that the exploit has
>been tested only on Slackware Linux 8.0 dist just like LSD advisory says
>
>This article claims that the Russian hackers wrote it and released it on
>the web first... which kinda irks me off :(
>
><quote from the article>
>... "self-proclaimed security experts located in Nizhny Novgorod, Russia,
>actually produced the exploit and posted it on the Web"
><unquote>
>
>Can anybody confirm/deny this?
>
># klogik
>
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
in reference to the cworld article, i would say some1 is kinda confused
around here.....:)
The "russian hacker web site" is actually www.security.nnov.ru, a well
known infosec news and advisory site, not in the business of "producing"
exploits for the mass.
They actually made public the advisory from LDS (i would try to confuse a
polish guy with a russian one ;)
http://www.security.nnov.ru/search/news.asp?binid=2630
On my opinion, all this rumors surondin the famous sendmail exploit, are
not meant to aware and alert ppl about risk but to actually misinform them
and produce terror (and the involved "necesary?"investment on trying
to "fix this")
i also was truly surprised after reading the comments form ppl like
Ingevaldson from x-force ensuring "analysis of the code shows that it
works" or Eric Allman saying "...there are other variables that are not
pointers that have security implications; finding one of them within range
will be more difficult, but probably not impossible..." (without specify
what kind of risk he founds behind this).
The kind of comments that provide companies subjective risk indications,
are just a tool against ppl trying to be serious about risk management
security investment.
>Received: (qmail 19838 invoked from network); 5 Mar 2003 20:19:16 -0000
>Received: from outgoing3.securityfocus.com (205.206.231.27)
> by mail.securityfocus.com with SMTP; 5 Mar 2003 20:19:16 -0000
>Received: from lists.securityfocus.com (lists.securityfocus.com
[205.206.231.19])
> by outgoing3.securityfocus.com (Postfix) with QMQP
> id 48EAAA30A4; Wed, 5 Mar 2003 13:17:45 -0700 (MST)
>Mailing-List: contact bugtraq-help (at) securityfocus (dot) com [email concealed]; run by ezmlm
>Precedence: bulk
>List-Id: <bugtraq.list-id.securityfocus.com>
>List-Post: <mailto:bugtraq (at) securityfocus (dot) com [email concealed]>
>List-Help: <mailto:bugtraq-help (at) securityfocus (dot) com [email concealed]>
>List-Unsubscribe: <mailto:bugtraq-unsubscribe (at) securityfocus (dot) com [email concealed]>
>List-Subscribe: <mailto:bugtraq-subscribe (at) securityfocus (dot) com [email concealed]>
>Delivered-To: mailing list bugtraq (at) securityfocus (dot) com [email concealed]
>Delivered-To: moderator for bugtraq (at) securityfocus (dot) com [email concealed]
>Received: (qmail 25559 invoked from network); 5 Mar 2003 19:39:05 -0000
>Date: 5 Mar 2003 19:47:07 -0000
>Message-ID: <20030305194707.15514.qmail (at) www.securityfocus (dot) com [email concealed]>
>Content-Type: text/plain
>Content-Disposition: inline
>Content-Transfer-Encoding: binary
>MIME-Version: 1.0
>X-Mailer: MIME-tools 5.411 (Entity 5.404)
>From: Kryptik Logik <kryptiklogik (at) hushmail (dot) com [email concealed]>
>To: bugtraq (at) securityfocus (dot) com [email concealed]
>Subject: Sendmail exploit released???
>
>
>
>Folks:
>
>Refer to this article in ComputerWorld
>http://www.computerworld.com/securitytopics/security/holes/story/0,1080
1,7
9
>021,00.html about some Russian Hacker site releasing Sendmail exploit
>code. Is it any different than the LSD exploit code or is is a "security-
>guru-security-know-all" reporters mistake?!
>
>The reason this caught my attention is that they say that the exploit has
>been tested only on Slackware Linux 8.0 dist just like LSD advisory says
>
>This article claims that the Russian hackers wrote it and released it on
>the web first... which kinda irks me off :(
>
><quote from the article>
>... "self-proclaimed security experts located in Nizhny Novgorod, Russia,
>actually produced the exploit and posted it on the Web"
><unquote>
>
>Can anybody confirm/deny this?
>
># klogik
>
[ reply ]