Em 2012-06-06 17:17, mantunes escreveu: > Algum conhecimento sobre isso ?? > > > ---------- Forwarded message ---------- > From: Григорий Братислава <musntl...@gmail.com> > Date: 2012/6/6 > Subject: [Full-disclosure] Vulnerabilities in OpenBSD and billions is > other websites > To: full-disclos...@lists.grok.org.uk, > submissi...@packetstormsecurity.org, bugt...@securityfocus.com > > > Hello full disclosure!! !! (is I forget another !!) > > I want to warn you about is vulnerability in OpenBSD and is maybe > perhaps possible is Linux and BeOS. > > ------------------------- > Is affected maybe possible perhaps > ------------------------- > > OpenBSD > NetBSD > FreeBSD > DragonflyBSD > FruitcakeBSD > Ubuntu > Kbuntu > Anotherbuntu > BeOS > NeXTOS > > ------------------------- > Details: > ------------------------- > > Is when someone is play knetwalk is user can get full scope!! Root!! > > > ------------------------- > Is proof: > ------------------------- > > [grigori@bratislava] knetwalk > /dev/nullaruski 2>&1 && knetwalk > > /dev/nullaruski 2>&1 && knetwalk > /dev/nullaruski 2>&1 && > > And is you do this is 255 times we has: > > [grigori@bratislava] knetwalk > /dev/nullaruski 2>&1 && knetwalk > > /dev/nullaruski 2>&1 && knetwalk > /dev/nullaruski 2>&1 && > kbuildsycoca running... > DCOP Cleaning up dead connections. > segmentation is fault > [root@bratislva]# ICE default IO error handler doing an exit(), pid = > 1984, errno = 42 > > > ------------------------- > Timeline: > ------------------------- > 1984.01.14 Madonna is sing Holiday on American Bandstand > 1984.01.24 Apple is release personal computer (musntlive is has > exploit at this time) > 1984.02.19 Is we make nuclear test at Kazakh Semipalitinsk > 1984.02.19 musntlive plan advisory > 2012.06.06 musntlive disclose real 0day is not fake > > > -- > > `Wherever I is go - there am I routed` > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/
Não, _mas_ O knetwalk[1] é um jogo do KDESC. Veja que ainda no exemplo tem o kbuildsycoca do KDE também... Então se alguém[2] instalou joguinhos dependentes do Qt no servidor... bom acho que não preciso dizer mais nada... [1]: http://www.kde.org/applications/games/knetwalk/ [2]: alguém != sysadmin. Para não dizer outra coisa... -- vic http://choppnerd.com http://donttrack.us | http://dontbubble.us ------------------------- Histórico: http://www.fug.com.br/historico/html/freebsd/ Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
