Full Disclosure mailing list archives
Re: Infobot-backdoor
From: Vanja Hrustic <vanja () pobox com>
Date: Sun, 15 Jun 2003 12:11:28 +0600
On Sat, 14 Jun 2003 21:05:03 -0700 "morning_wood" <se_cur_ity () hotmail com> wrote:
------------------------------------------------------------------ - EXPL-A-2003-007 exploitlabs.com Advisory 007 ------------------------------------------------------------------ -= infobot =- Vunerability: ---------------- 1. Remote Access
Remote access to what?
by default there are two user names in infobot.users not commented out quote from from the infobot.conf file...
It is infobot.users file, actually, as you mentioned earlier. Quote from README, at the top of the file (can't miss it, if you know how to read): "You will need to update your infobot.config and infobot.users. See the example files." You *really* have to be stupid in order to install default config/users file.
it seems the authors have provided themselves with a nifty backdoor... or any one who can match these credentals in the user database infobot.users
This list seems to be overloaded with children between 13 and 15 years of age. Maybe we should have 2 lists instead of 1; full-discolure and full-disclosure-diapers What's your next advisory? "./configure; make; make install" copies files to predictable location !? _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Infobot-backdoor morning_wood (Jun 14)
- Re: Infobot-backdoor Vanja Hrustic (Jun 14)
- Re: Infobot-backdoor w g (Jun 15)
- <Possible follow-ups>
- Re: Infobot-backdoor Donnie Weiner (Jun 16)
- Re: Infobot-backdoor w g (Jun 16)
- Re: Infobot-backdoor Donnie Weiner (Jun 17)
- Fwd: Re: Infobot-backdoor Karl Elgerstedt (Jun 17)
- Re: Fwd: Re: Infobot-backdoor Donnie Weiner (Jun 17)
- Re: Fwd: Re: Infobot-backdoor Karl Elgerstedt (Jun 17)
- Re: Infobot-backdoor Vanja Hrustic (Jun 14)