Re: [Full-disclosure] OpenServer 5.0.6 OpenServer 5.0.7 : chroot A known exploit can break a chroot prison.

["KF (lists)" <kf_lists@xxxxxxxxxxxxxxxxxxx>]

Anyone ever wonder why all their security advisories come out for known 
issues two years after they have been found?

Anyone ever wonder why they STILL use a vulnerble version of wu ftpd on 
one of their main servers?

Connected to ftpput.sco.com.
220 artemis FTP server (Version 2.1WU(1)) ready.
Name (ftpput.sco.com:doucheknob):

Move along... nothing to see here but a decrepid OS that no one cares 
about.
-KF


James Longstreet wrote:

> On Wed, 11 May 2005 please_reply_to_security@xxxxxxx wrote:
> <snip>
>
> Has anyone ever wondered why SCO's mails come from
> please_reply_to_security@xxxxxxx?  Why not just make them come from
> security@xxxxxxx?  Or at least set the Reply-To: field?
>
> Other than preventing spam, is there a greater purpose here that I'm
> missing?
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>
>
>  

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/