Hosting Provided By

Re: BIND Exploits

From: <h2g.sec.list(at)zipmail.com.br>
Date: Wed Nov 13 2002 - 22:55:10 EST

Hi folks,
exist some fake stuff related to bind8 in scene. No real stuff confirmed yet.

See above (it is a edit vesion of bind8.2.3-slack.c exploit):

* Unreleased 0date:09.11.02 fsck -f 0x01,0x0b 
* Discovered and exploited by Solar Eclipse 
* Remote Exploit for for bind.8.x 
* usage: ./exp -t[type] -s[shellcode] -t[offset] h[hostname] 
* example: ./exp -t 1 remotehost

bind8.2.3-slack.c HEADER:
/*

* Copyright (c) 2001 - Security.is 
* 
* 
* Discovered and exploited by portal and tf8 of security chan, April 2001

* Remote Exploit for Slackware 7.x, for bind.8.2.3-REL

* usage: ./exp -t[type] -s[shellcode] -t[offset] -h[hostname] * example: ./exp -t 1 remotehost

Regards...
Nilton Gomes
Bompreço System Administrator
H2G-Labs Security Services

Mensagem original --

>I take it everyone has seen the latest advisory from ISC?

>> seemed that nmap sends a packet with the FIN flag set. I did not see

>> the SYN flag set in addition to FIN, so nmap is not an answer to his

>> question.

Use o melhor sistema de busca da Internet Radar UOL - http://www.radaruol.com.br Received on Thu Nov 14 19:18:40 2002

Do you need help?

This message: [ Message body ]
Next message: Ryan Yagatich: "PHP"
Previous message: c jones: "shell script cgi"
In reply to Dom De Vitto: "BIND Exploits"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:37 EDT