Vulnerability Development mailing list archives

Re: QPOP2.5* exploit ??


From: hdm () SECUREAUSTIN COM (H D Moore)
Date: Sun, 14 May 2000 15:53:35 -0500


Ryan Sweat wrote:

     This has been found in the wild, however there seems to be a
trojan in the shellcode.  Popper 2.5* has been thought to be safe.  I
would not recommend running this on your own machine unless you crack
the shellcode and see what it does.

Qpopper 2.5* safe?  I think not.  I have seen more than a few boxes
cracked via publicly available exploits for the 2.53 version.  I will
tear apart the shell code buffer when I get time...

-HD

http://www.secureaustin.com

PS.  Demonstration tool for the Linux 2.2 masq problem (masqed udp
connection / external side rewrite) available on the site.  It requires
tcpdump (ftp://ftp.ee.lbl.gov) and the nemesis toolkit
(http://www.packetfactory.net).

