help-cfengine
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: cfengine rsa heap remote exploit: part of PTjob project (fwd)


From: rader
Subject: Re: cfengine rsa heap remote exploit: part of PTjob project (fwd)
Date: Tue, 22 Feb 2005 07:08:44 -0600

I should have done a little research before my wasting time on this:
it appears that this exploit was attended to back in August of 2004.

It is (indeed) unfortunate that this was brought up again--not only
because it scared people--but also because the exploit requires
access to a trusted system.

steve 
- - - 
systems & network manager
high energy physics
university of wisconsin

 http://lists.gnu.org/archive/html/help-cfengine/2004-08/msg00086.html

 > ---- Original Message ----
 > From: rader
 > 
 > I've got it compiled.  It doesn't break into nor crash 2.1.3 on
 > redhat 7.3--that's the only pre-2.1.8 version I've got.
 > 
 > Perhaps it only works on 2.1.7p1?
 > 
 > (Had to fix a bug in arg parsing to get it to use the -t 5 crash
 > mode... should be -t arg code should be (sizeof(targets)/20)+1
 > instead of sizeof(targets)/28.  Some elements have been removed
 > from struct targets[]??)
 > 
 > steve
 > - - -




reply via email to

[Prev in Thread] Current Thread [Next in Thread]