If you forward information posted to another mailling list it is recommended to add ''Fwd:" to the subject line or point to original posting, i.e. http://seclists.org/nmap-dev/2010/q2/635
Juha-Matti Henri Salo [[email protected]] kirjoitti: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > A vulnerability that has been published today affects the OPIE > Authentication System (libopie). > According to the researchers it could hit many systems like > > - - OpenSuSE > - - wu-ftpd > - - mod_opie > - - PAM > - - openssh (modified by FreeBSD/DragonflyBSD Team) > - - sudo > - - opiesu > - - popper > - - Probably much more... > > Original advisory : > http://securityreason.com/achievement_securityalert/87 See also : > http://security.freebsd.org/advisories/FreeBSD-SA-10:05.opie.asc > > Please find attached their PoC as a script for Nmap. > Example Output : > - -- PORT STATE SERVICE > - -- 21/tcp open ftp > - -- | ftp-libopie: Likely prone to CVE-2010-1938 (OPIE off-by-one stack > overflow) > - -- |_See > http://security.freebsd.org/advisories/FreeBSD-SA-10:05.opie.asc > > A.G. > > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2.0.12 (GNU/Linux) > Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/ > > iEYEARECAAYFAkv+rS8ACgkQ3aDTTO0ha7j4igCffydmk9Y+U6ocVSNI5RwopoGh > vc0AniRSZZEkW5vgImS4czZsTTzS1bqf > =No6K > -----END PGP SIGNATURE----- > > > _______________________________________________ > Sent through the nmap-dev mailing list > http://cgi.insecure.org/mailman/listinfo/nmap-dev > Archived at http://seclists.org/nmap-dev/ > _______________________________________________ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
