On 11/01/06, Siegfried <[EMAIL PROTECTED]> wrote: > omfg i hope it isn't marcos flavio who invented that shit again (100% > old-modified exploit & fake site) > or get a fucking brain man! > http://downloads.securityfocus.com/vulnerabilities/exploits/ntpd-exp.c
Not only is this plagiarism of work from five years ago, it was patched five years ago. Already disclosed, already remedied. No mayhem. >From http://www.kb.cert.org/vuls/id/JSHA-4VJFMF --- ntp_control.c.1 Thu Apr 5 21:41:56 2001 +++ ntp_control.c Thu Apr 5 21:43:02 2001 @@ -1824,6 +1824,8 @@ while (cp < reqend && *cp != ',') *tp++ = *cp++; + if (tp >= buf + sizeof(buf)) + return (0); if (cp < reqend) cp++; *tp = '\0'; \\//, Lorax _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
