Just because of the conversation last week re: evolution
security... Here is someone who claims to have found a
fully-automatic remote exploit for Pine.
A worm that uses Pine as the infection vector. Oooo! Keep those
address books safe!
attached mail follows:
Ok here it is
Remote pine exploit
quite efficient since no "real offsets are needed" especially in the
first method of exploitation
Worx against grsec high security with random stack with "hard" method
since it is a return to libc tested vs slackware grsec
portbind on 6682 with FULL therminal support i.e. launch bx from ur exp =D
autodiscovers targets/offsets needed
redhat works too but only "easy" method... because of a pop ebp before a
ret.. there is no leave
worm can easily b made especially with "bruteforce" with about 99%
success!!
have fun =P
sorry i forgot to attach code ;D
___________________
Nolug mailing list
nolug@nolug.org
This archive was generated by hypermail 2.2.0 : 12/19/08 EST