On Wed, Jul 30, 2003 at 09:07:34PM +0200, Erik van den Berg wrote:
| yes it can, when the exploit succeeds (not a crash what we have seen so
| far), the code that is in the exploit is executed, and if that code is
| portbinding shellcode (it opens another port, and if you telnet to that port
| /bin/sh will be executed and you will have shell access).

Is this trivial to do? Should I expect my box to be rooted as of yet?
Have there been released scripts to gain shell with this exploit? Or is
this more like "it could be possible"?


|
| ----- Original Message -----
| From: <[EMAIL PROTECTED]>
| To: <[EMAIL PROTECTED]>
| Sent: Wednesday, July 30, 2003 9:00 PM
| Subject: Re: [hlds_linux] HLDS Expolits.
|
|
| > Would it be possible for them to get shell access to the user's account if
| > shell is disabled for the users? ALL users running hlds on my servers have
| > zero shell access since no one needs shell access but me. So is it even
| > possible for them to use this to gain shell access with a username with no
| > shell access?
| >
| > Thanks
| > Jeremy
| >
| >
| > Quoting Erik van den Berg <[EMAIL PROTECTED]>:
| >
| > > heh, crashing is not the bad thing, i was talking about getting shell access
| > > as the user running the hlds
| > >
| > > ----- Original Message -----
| > > From: <[EMAIL PROTECTED]>
| > > To: <[EMAIL PROTECTED]>
| > > Sent: Wednesday, July 30, 2003 1:40 PM
| > > Subject: Re: [hlds_linux] HLDS Expolits.
| > >
| > >
| > > > Yes, and it works quite well.
| > > > Somebody has already started to crash our servers.
| > > > *sigh*
| > > >
| > > > -jmoen-
| > > >
| > > > > oh and i have seen a linux version for the exploit so prepare yourselves
| > > > >
| > > > >
| > > > > ----- Original Message -----
| > > > > From: "Hlds Linux" <[EMAIL PROTECTED]>
| > > > > To: <[EMAIL PROTECTED]>
| > > > > Sent: Wednesday, July 30, 2003 1:18 PM
| > > > > Subject: Re: [hlds_linux] HLDS Expolits.
| > > > >
| > > > >
| > > > >> The posted "iptables" Script is not enough.
| > > > >> An exploit needs only one connection to the port, so port-limiting is not a
| > > > >> fix.
| > > > >> Greetz
| > > > >> ----- Original Message -----
| > > > >> From: "Erik van den Berg" <[EMAIL PROTECTED]>
| > > > >> To: <[EMAIL PROTECTED]>
| > > > >> Sent: Wednesday, July 30, 2003 11:55 AM
| > > > >> Subject: Re: [hlds_linux] HLDS Expolits.
| > > > >>
| > > > >>
| > > > >> > Heh, the main thing that makes me mad is that valve has not even patched
| > > > >> > this since april 14th.
| > > > >> >
| > > > >> > --
| > > > >> > -
| > > > >> >
| > > > >> > Met vriendelijke groet,
| > > > >> > Erik van den Berg
| > > > >> >
| > > > >> > Server Administrator/Unix Security Consultant
| > > > >> > Technische Dienst XL-Hosting
| > > > >> >
| > > > >> > http://www.xl-hosting.com
| > > > >> > [EMAIL PROTECTED]
| > > > >> > ----- Original Message -----
| > > > >> > From: <[EMAIL PROTECTED]>
| > > > >> > To: <[EMAIL PROTECTED]>
| > > > >> > Sent: Wednesday, July 30, 2003 2:29 AM
| > > > >> > Subject: RE: [hlds_linux] HLDS Expolits.
| > > > >> >
| > > > >> >
| > > > >> > > The main thing that makes me mad is not that I have to upgrade to get the
| > > > >> > > fix, but I have to upgrade to the next 4.1.1.0x version which will kill my
| > > > >> > > servers since the CPU usage blows.
| > > > >> >
| > > > >> >
| > > > >> > _______________________________________________
| > > > >> > To unsubscribe, edit your list preferences, or view the list archives, please visit:
| > > > >> > http://list.valvesoftware.com/mailman/listinfo/hlds_linux

--
Børge Amundsen
http://lv8pv.com
