<snip from the ISC's SANS> The k-otik folks have an analysis of the bad things that might happen if you follow the instructions in the fake RedHat advisory that was reported in yesterday's diary:
http://www.k-otik.com/news/FakeRedhatPatchAnalysis.txt <snip> the source code is also there Steph --- Brett Campbell <[EMAIL PROTECTED]> wrote: > On Sun, Oct 24, 2004 at 06:18:41PM -0700, Andrew > Farmer wrote: > <snip> > > I did a quickie analysis of the program (which is > basically just > > distributed as source!). > <snip> > > when did you get a hold of the tarball? they must've > yanked the record > for www.fedora-redhat.com ... it can't be resolved > in any way. > > pretty interesting (and pathetic) anyways, nice > detective work. > > -- > [ Brett R. Campbell ] > -> Configuration Management / Systems > Administration > -> Collaborative Agent Design Research Center > -> California Polytechnic State University, SLO, CA > __________________________________ Do you Yahoo!? Yahoo! Mail Address AutoComplete - You start. We finish. http://promotions.yahoo.com/new_mail _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
