Network Security: Detailed info on Re: [Full-Disclosure] Automated ssh scanning

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security FullDisclosure

[Top] [All Lists]

Re: [Full-Disclosure] Automated ssh scanning

from [Henrik Persson] Network Security

[Permanent Link]

Subject:	Re: [Full-Disclosure] Automated ssh scanning
Date:	Thu, 26 Aug 2004 23:24:31 +0200

On Thu, 2004-08-26 at 09:15, Richard Verwayen wrote:

Uhm. How do you mean, "fully patched"? What kernel were you running?

Hello Henrik

I am relying on the debian software distribution system, so it was there
latest stable kernel-source for woody. So it was the latest debianised
2.4.19. Shouldn't I believe it secured against these exploits?


Well, you should, I guess.

I could grab all the kits (I think) from the net and I went trough
them.. do_mremap and brk and whatnot.. Can anyone else confirm that the
latest stable debian woody kernel (package from security.debian.org repo
I guess) is vulnerable?

Or can you, Richard, go trough the exploits and try to root your box?

I'm away from home and I only have my lappie here with linux 2.6.8.1.
And the exploits I tried didn't work here. :)

-- 
Henrik Persson <nix@syndicalist.net>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [Full-Disclosure] Automated ssh scanning, (continued) Re: [Full-Disclosure] Automated ssh scanning, Tremaine Re: [Full-Disclosure] Automated ssh scanning, Gerry Eisenhaur Re: [Full-Disclosure] Automated ssh scanning, VeNoMouS Re: [Full-Disclosure] Automated ssh scanning, VeNoMouS Re: [Full-Disclosure] Automated ssh scanning, David Vincent Re: [Full-Disclosure] Automated ssh scanning, Richard Verwayen Re: [Full-Disclosure] Automated ssh scanning, andreas Re: [Full-Disclosure] Automated ssh scanning, VeNoMouS Re: [Full-Disclosure] Automated ssh scanning, Henrik Persson Re: [Full-Disclosure] Automated ssh scanning, Richard Verwayen Re: [Full-Disclosure] Automated ssh scanning, Henrik Persson <= RE: !SPAM! [Full-Disclosure] Automated ssh scanning, Yaakov Yehudi RE: !SPAM! [Full-Disclosure] Automated ssh scanning, Richard Verwayen Re: [Full-Disclosure] Automated ssh scanning, Frank Knobbe Re: [Full-Disclosure] Automated ssh scanning, Jan Luehr RE: [Full-Disclosure] Automated ssh scanning, Todd Towles RE: [Full-Disclosure] Automated ssh scanning, Todd Towles Re: [Full-Disclosure] Automated ssh scanning, Tremaine Re: [Full-Disclosure] Automated ssh scanning, Deigo Dude Re: [Full-Disclosure] Automated ssh scanning, Gary E. Miller Re: [Full-Disclosure] Automated ssh scanning, Ron DuFresne

Previous by Date:	[Full-Disclosure] SSL Vulnerability??, JV
Next by Date:	Re: !SPAM! [Full-Disclosure] Automated ssh scanning, sec-focus
Previous by Thread:	Re: [Full-Disclosure] Automated ssh scanning, Richard Verwayen
Next by Thread:	RE: !SPAM! [Full-Disclosure] Automated ssh scanning, Yaakov Yehudi
Indexes:	[Date] [Thread] [Top] [All Lists]