Re: Immunity Advisory: dtlogin remote root
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Johan A.van Zanten wrote:
| The PDF version of your advisory indicates that your upcoming (29 Mar
| 2004, according to those patent-happy people over at amazon.com) book
| includes scripts that can be used to test for the vulnerability. Are you
| going to provide any scripts or code fragments so that people can test
| their systems? As things stand, it looks a lot like you're trying to
| generate book sales by releasing a content-light advisory 6 days before
| your book comes out.
Technically the book is already out (you can walk over to Wiley's
office in Hoboken and buy it, probably). I recommend people buy it at
B&N or their local college bookstore since I totally agree that method
and software patents do many evil things and companies who insist on
purchasing such things should be shunned. It's known to be difficult
to purchase a copy of CANVAS if you are, say, someone who blackmailed
everyone who had a .gif on their website.
(snipped, a lot of good configuration of dtlogin information)
I don't think the access stuff works - but it might. It's literally
been almost two years since I found this vulnerability, and I did not
do as thorough a testing job as I could have. I did release a SPIKE
script that can be used to test for this vulnerability, though. It's
in the Wiley pack-of-exploits that was released with the book.
http://www.wiley.com/legacy/compbooks/koziol/
You'll see Sinan Eren's kernel local for Solaris there, and CANVAS's
old Win32 shellcode, as well as a bunch of other interesting
information about Oracle, DB2, etc.
Dave Aitel
Senior Vice President, Public Relations
Immunity, Inc.
P.S. I know it's a huge astounding surprise when a company releases an
advisory just for monetary gain and not for the betterment of mankind,
but I assure you that the 4 cents I make per book were not a factor.
For those of you contemplating writing a book for huge financial gain,
let me key you in on a simple fact of publishing: the publisher keeps
the money. Unless your name is "Stephen King" or your book is entitled
"Harry Potter and the New Shaving Kit by JK Rowling" you won't make
more than 10K on a book, which you probably worked 400 hours on.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFAYZF2zOrqAtg8JS8RAkLFAKCL950JLBFr88itsC3++ZDOn2+BXwCdFAKM
TiAWoYiyTuZ8IZFy06Ck2dQ=
=KLAT
-----END PGP SIGNATURE-----