[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: MORE SSH Hacking: heads-up
- From: Aaron Gaudio <prothonotar tarnation dyndns org>
- To: For users of Fedora Core releases <fedora-list redhat com>
- Subject: Re: MORE SSH Hacking: heads-up
- Date: Thu, 12 Aug 2004 23:01:44 -0400
On Thu, 2004-08-12 at 19:59 -0400, Dave Rinker wrote:
> funny to still see this thread running.
>
> Your conversation of the su issue prompted me to look for an exploit.
> Found this linux "su" exploit that copies the passwords to /tmp/.tmp
>
> The only problem is you'd have to get it there first.
>
> http://packetstormsecurity.nl/groups/shadowpenguin/unix-tools/passwd_linux.c
>
>
> Has anyone used my iptables suggestion with success?
>
Perhaps I'm being daft, but the exploit appears to be a 'passwd' trojan,
not an su trojan. And the attacker would need to get it in a place where
it would get inadvertently run (preferably by root).
--
Aaron Gaudio <prothonotar tarnation dyndns org>
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]