On Fri, 27 Aug 2004, [EMAIL PROTECTED] wrote: > Richard, > > if you have another spare box, just install it like the first one > and try all the exploits you got from the intruder. > You have most likely a complete history file, so where's the problem? > Remember, one of these binaries seems to be infected with RST, so erase > that box afterwards..;) > After that we hopefully can get rid of this thread...
I have checked today dist-upgraded debian sarge, with *default* kernel (2.4.18-bf2.4), and it is still *vulnerable* to do_brk, kmod, and ptrace exploits. This kernel seems to be *not* patched since 2002. -- ..... Robert Jaroszuk - zim iq pl - [ IQ PL Sp. z o.o. ] ..... GCS/IT/O d? s: a-- C++ ULB++++$ P+ L++++$ E--- W- K- N+ DI+ V- w M- PS+ PE Y(+) PGP-(+++) t-- 5? X- R tv-- b++>++++ D- y+ G++ .. http://zim.iq.pl/ . RJ735-RIPE . http://zim.iq.pl/photo/ .. ... The superior warrior wins without fighting -- Sun Tzu. ... _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
