[34257] in North American Network Operators' Group
Bind 8.2 Remote-shell Exploit is actually trojan to attack NAI
daemon@ATHENA.MIT.EDU (John Fraizer)
Thu Feb 1 07:05:05 2001
Date: Thu, 1 Feb 2001 07:01:02 -0500 (EST)
From: John Fraizer <nanog@EnterZone.Net>
To: Charles Sprickman <spork@inch.com>
Cc: nanog <nanog@merit.edu>
In-Reply-To: <Pine.BSF.4.30.0102010131420.16165-100000@shell.inch.com>
Message-ID: <Pine.LNX.4.21.0102010656330.8972-100000@Overkill.EnterZone.Net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
On Thu, 1 Feb 2001, Charles Sprickman wrote:
>
> On Wed, 31 Jan 2001, Henry R. Linneweh wrote:
>
> > I understand that, the issue I had with this is in the presentation
> > "Major net security holes identified", Should have read "Major net
> > security holes fixed " this would have been fair to Paul and crew.
> > is all I am saying.....
>
> I think that with the remote-shell exploit just released on Bugtraq the
> next article will have to revert to "Major security hole found - chaos
> ensues".
>
Well, in typical Bugtraq script-loser fashion, the remote-shell exploit
was actually a trojan to attack NAI:
\xa1\x45\x03\x96 == 161.69.3.150 == dns1.nai.com
So, it turns out it's not too aweful bad of a day (unless you're NAI) and
at least you still have a few minutes before a _real_ remote-shell exploit
is released.
---
John Fraizer
EnterZone, Inc
