[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: cfengine rsa heap remote exploit: part of PTjob project (fwd)
From: |
Christian Pearce |
Subject: |
Re: cfengine rsa heap remote exploit: part of PTjob project (fwd) |
Date: |
Mon, 21 Feb 2005 08:27:25 -0500 |
They have the version 2.1.7 coded. But I don't have a thorough
understanding of these exploits.
{ "Redhat 7.3 ", "cfengine 2.1.7p1 ",0x0819f03e , 0x0811a590
},
{ "redhat 9.0 ", "cfengine 2.1.7p1", **********, ********** },
{ "Redhat 7.2 ", "cfengine 2.17p1 ", 0x080d1c78, 0x0806d0e3
},
{ "Redhat 7.1 ", "cfengine 2.17p1", 0x080d11e0, 0x082bc090
},
I am trying to compile it, but I get a ton of warnings. Has anyone else
tried to verify this?
On Mon, 2005-02-21 at 07:35, Ralph Angenendt wrote:
> Mark Burgess wrote:
> >
> > This is not enough information to go on. Where does this come from and
> > when did it appear? It appears to be old. (2.1.7). In that case it
> > refers to a bug that was patched in 2.1.8. More information please.
>
> This has been mailed to bugtraq yesterday - and yes, there is nothing
> more to it, than has been forwarded here.
>
> <http://www.securityfocus.com/archive/1/390947/2005-02-18/2005-02-24/0>
>
> There hasn't been any discussion on this mail yet, either.
>
> Ralph
--
Christian Pearce
http://www.commnav.com
http://www.perfectorder.com