[Full-disclosure] OpenServer 5.0.6 OpenServer 5.0.7 : chroot A known exploit can break a chroot prison.
KF (lists)
kf_lists at digitalmunition.com
Wed May 11 19:44:48 BST 2005
Anyone ever wonder why all their security advisories come out for known
issues two years after they have been found?
Anyone ever wonder why they STILL use a vulnerble version of wu ftpd on
one of their main servers?
Connected to ftpput.sco.com.
220 artemis FTP server (Version 2.1WU(1)) ready.
Name (ftpput.sco.com:doucheknob):
Move along... nothing to see here but a decrepid OS that no one cares
about.
-KF
James Longstreet wrote:
>On Wed, 11 May 2005 please_reply_to_security at sco.com wrote:
><snip>
>
>Has anyone ever wondered why SCO's mails come from
>please_reply_to_security at sco.com? Why not just make them come from
>security at sco.com? Or at least set the Reply-To: field?
>
>Other than preventing spam, is there a greater purpose here that I'm
>missing?
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
>
>
>
>
>
Full-Disclosure is hosted and sponsored by Secunia.