[Home] [Credit Search] [Category Browser] [Staff Roll Call] | The LINUX.COM Article Archive |
Originally Published: Tuesday, 7 September 1999 | Author: Quentin Cregan |
Published to: news_enhance_security/Security News | Page: 1/1 - [Printable] |
amd exploit posts email to remote addresses
For all of those tried out the amd exploit... Guess what? It posts information about its usage to a remote source. Information about this can be found on BugTraq, and has been mirrored here.
|
Page 1 of 1 | |
[from BugTraq]
Hello, Sorry if this was already known, recently Someone named Taeho Oh published an exploit for a buffer overflow in rpc.amd (automount) While testing this exploit on my on server, i saw that i was opening a connection to ohhara.postech.ac.kr on port 25, After a little research i found out that The exploit (In it's original form) was sending an email to abuser@ohhara.postech.ac.kr and listing the arguments i just entered, There is an easy way to stop it from sending Just comment the line: system(cmd);
Here's the log as i got it from sniffit:
EHLO
BlackMesa.com
MAIL From:
(Ip's changed to protect the innocent)
Bye
| |
Page 1 of 1 |