Re: [Full-Disclosure] Automated ssh scanning
Greetings,
Am Donnerstag, 26. August 2004 23:35 schrieben Sie:
> > Am Donnerstag, 26. August 2004 00:32 schrieb Richard Verwayen:
> > > Hello list!
> > >
> > > A few weeks ago there was a discussion about automated ssh scanning
> > > with user/password combinations like guest/guest or admin/admin.
> > > I set up a debian woody fully patched with both accounts activated, and
> > > got rooted some days later...
> >
> > So - you installed it with 2.4.18-bf24 - and you still use this kernel?
> > Oops.
> > apt-get might have some issues causing the installed kernel not be
> > updated. Anyway, in the past there have been some confusion, wheteher
> > 2.4.18bf24 is a ought to run on a server.
> > May you please post you current kernel-package-version - including
> > built-number?
>
> Der Kernel ist aus den letzten verfügbaren kernel-sources-2.4.19 mit dem
> freeswan-patch am 06.08.2004 entstanden.
>
>
> testhost:~# dpkg -l kernel-source-2.4.19
> Desired=Unknown/Install/Remove/Purge/Hold
>
> | Status=Not/Installed/Config-files/Unpacked/Failed-config/Half-installed
> |/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err:
> | uppercase=bad)
> |
> ||/ Name Version
> || Description
>
> +++-===================================-===================================
>-===========================================================================
>=========== ii kernel-source-2.4.19 2.4.19-4.woody2
> Linux kernel source for version 2.4.19 ii kernel-patch-freeswan
> 1.96-1.4 IPSEC kernel support for
> FreeSwan ii kernel-package 7.107
> Debian Linux kernel package build scripts.
Ok, fup2 debian-security@lists.debian.org
It seems that kernel-source-2.4.19 still suffers do_brk....
Keep smiling
yanosz
Reply to: