[FUG-BR] Fwd: [Full-disclosure] Vulnerabilities in OpenBSD and billions is other websites
Joao Rocha Braga Filho
goffredo em gmail.com
Quinta Junho 7 02:56:19 BRT 2012
On Wed, Jun 6, 2012 at 6:08 PM, João Mancy <joaocep at gmail.com> wrote:
> Se alguém tem jogos no server tem mais que se F... mesmo.
>
Eu não instalo nem x-Windows no servidor. KISS. Minimizo o que deve
ser instalado.
João Rocha.
>
>
> 2012/6/6 vic <vic at wa.pro.br>
>
>> Em 2012-06-06 17:17, mantunes escreveu:
>> > Algum conhecimento sobre isso ??
>> >
>> >
>> > ---------- Forwarded message ----------
>> > From: Григорий Братислава <musntlive at gmail.com>
>> > Date: 2012/6/6
>> > Subject: [Full-disclosure] Vulnerabilities in OpenBSD and billions is
>> > other websites
>> > To: full-disclosure at lists.grok.org.uk,
>> > submissions at packetstormsecurity.org, bugtraq at securityfocus.com
>> >
>> >
>> > Hello full disclosure!! !! (is I forget another !!)
>> >
>> > I want to warn you about is vulnerability in OpenBSD and is maybe
>> > perhaps possible is Linux and BeOS.
>> >
>> > -------------------------
>> > Is affected maybe possible perhaps
>> > -------------------------
>> >
>> > OpenBSD
>> > NetBSD
>> > FreeBSD
>> > DragonflyBSD
>> > FruitcakeBSD
>> > Ubuntu
>> > Kbuntu
>> > Anotherbuntu
>> > BeOS
>> > NeXTOS
>> >
>> > -------------------------
>> > Details:
>> > -------------------------
>> >
>> > Is when someone is play knetwalk is user can get full scope!! Root!!
>> >
>> >
>> > -------------------------
>> > Is proof:
>> > -------------------------
>> >
>> > [grigori at bratislava] knetwalk > /dev/nullaruski 2>&1 && knetwalk >
>> > /dev/nullaruski 2>&1 && knetwalk > /dev/nullaruski 2>&1 &&
>> >
>> > And is you do this is 255 times we has:
>> >
>> > [grigori at bratislava] knetwalk > /dev/nullaruski 2>&1 && knetwalk >
>> > /dev/nullaruski 2>&1 && knetwalk > /dev/nullaruski 2>&1 &&
>> > kbuildsycoca running...
>> > DCOP Cleaning up dead connections.
>> > segmentation is fault
>> > [root at bratislva]# ICE default IO error handler doing an exit(), pid =
>> > 1984, errno = 42
>> >
>> >
>> > -------------------------
>> > Timeline:
>> > -------------------------
>> > 1984.01.14 Madonna is sing Holiday on American Bandstand
>> > 1984.01.24 Apple is release personal computer (musntlive is has
>> > exploit at this time)
>> > 1984.02.19 Is we make nuclear test at Kazakh Semipalitinsk
>> > 1984.02.19 musntlive plan advisory
>> > 2012.06.06 musntlive disclose real 0day is not fake
>> >
>> >
>> > --
>> >
>> > `Wherever I is go - there am I routed`
>> >
>> > _______________________________________________
>> > Full-Disclosure - We believe in it.
>> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> > Hosted and sponsored by Secunia - http://secunia.com/
>>
>> Não, _mas_
>>
>> O knetwalk[1] é um jogo do KDESC. Veja que ainda no exemplo tem o
>> kbuildsycoca do KDE também... Então se alguém[2] instalou joguinhos
>> dependentes do Qt no servidor... bom acho que não preciso dizer mais
>> nada...
>>
>> [1]: http://www.kde.org/applications/games/knetwalk/
>> [2]: alguém != sysadmin. Para não dizer outra coisa...
>>
>> --
>> vic
>> http://choppnerd.com
>> http://donttrack.us | http://dontbubble.us
>> -------------------------
>> Histórico: http://www.fug.com.br/historico/html/freebsd/
>> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>>
>
>
>
> --
> João Luis Mancy dos Santos
> joaocep at gmail.com (msn too)
> http://joaocep.blogspot.com
> http://www.istf.com.br/perguntas/
> http://www.fug.com.br/content/view/20/69/
> uin 82889044
> -------------------------
> Histórico: http://www.fug.com.br/historico/html/freebsd/
> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
--
"Sempre se apanha mais com as menores besteiras. Experiência própria."
http://jgoffredo.blogspot.com
goffredo at gmail.com
Mais detalhes sobre a lista de discussão freebsd