Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Incidents
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: DNS CACHE POISONING? - Our Portal is redirecting to our first compet

from [Eduardo Tongson] Network Security [Permanent Link]
Subject: Re: DNS CACHE POISONING? - Our Portal is redirecting to our first competition
Date: Wed, 30 Jan 2008 08:22:34 +0800 
Yeah, completely forgot about those ran as root and setuid programs.
Been a while since I have seen those. Also forgot about the usual
admin errors. But it is ridiculous to say "all bets are off" when a
user gets a shell. Thats got a lot to say about the admin in charge.

   Ed <http://blog.eonsec.com>

On Jan 30, 2008 2:59 AM,  <Valdis.Kletnieks@vt.edu> wrote:

On Tue, 29 Jan 2008 07:57:39 +0800, Eduardo Tongson said:

kernel used is fully updated and root SSH login dismissed do you know
a way of getting root without an unknown kernel bug?


The *vast* majority of "get r00t kwik" exploits do *not* involve exploiting
kernel bugs, but involve exploiting daemon processes running as root or
set-UID programs.  So if you have CUPS running, they don't need a kernel
exploit, they just need a CUPS exploit (and CUPS *has* had a few issues).
Same for Sendmail, NTP, the X server, or any of the other things found on
the average Unix/Linux install....
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: DNS CACHE POISONING? - Our Portal is redirecting to our first competition, Valdis . Kletnieks
Next by Date:  Re: DNS CACHE POISONING? - Our Portal is redirecting to our first competition, Graeme Fowler
Previous by Thread:  Re: DNS CACHE POISONING? - Our Portal is redirecting to our first competition, Valdis . Kletnieks
Next by Thread:  Re: DNS CACHE POISONING? - Our Portal is redirecting to our first competition, Graeme Fowler
Indexes:  [Date] [Thread] [Top] [All Lists]