Bugtraq mailing list archives
Immunity Advisory: dtlogin remote root
From: Dave Aitel <dave () immunitysec com>
Date: Tue, 23 Mar 2004 15:40:49 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Technical Summary: A double-free weakness in the XDMCP parser of dtlogin (CDE) results in remote code execution against popular server operating systems, such as Solaris. Linux is not vulnerable, to Immunity's knowledge. This attack is performed over UDP port 177. dtlogin is also the program that displays the login screen, so killing it blindly is not recommended. The full advisory in pdf form is available at: http://www.immunitysec.com/downloads/dtlogin.sxw.pdf This is one of the new vulnerabilities in the Shellcoder's Handbook. Thanks, Dave Aitel Immunity, Inc. http://www.immunitysec.com/CANVAS/ "Hacking like it is in the movies." -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFAYKDRzOrqAtg8JS8RAtEZAKCo50ri06lIn65WI/nJL43Ki3HVpQCg26Tb +M095Yr25NQ8SYyEHI7xJWU= =g/I9 -----END PGP SIGNATURE-----
Current thread:
- Immunity Advisory: dtlogin remote root Dave Aitel (Mar 23)
- Re: Immunity Advisory: dtlogin remote root Johan A . van Zanten (Mar 24)
- Re: Immunity Advisory: dtlogin remote root Dave Aitel (Mar 24)
- Re: Immunity Advisory: dtlogin remote root Johan A . van Zanten (Mar 24)