Remote iodinetd DoS vulnerability on Debian Lenny

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Remote iodinetd DoS vulnerability on Debian Lenny
From: Albert Sellarès <whats@xxxxxxxx>
Date: Sun, 26 Apr 2009 19:00:41 +0200
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Hi,

I attach an exploit that lets you shutdown a remote iodinet server
(version <= 0.4.2). This bug was found some weeks before on Debian
Lenny, but it hasn't been fixed in the stable branch and the bug has
been closed :S.

This is the Debian bug:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=521260

Greetings.

-- 
  Albert Sellarès        GPG id: 0x13053FFE
  http://www.wekk.net    whats@xxxxxxxxxx 
  Linux User: 324456

Attachment: shoot-iodined
Description: Perl program

Attachment: signature.asc
Description: =?ISO-8859-1?Q?Aix=F2?= =?ISO-8859-1?Q?_=E9s?= una part d'un missatge signada digitalment

Prev by Date: T2'09: Call for Papers 2009 (Helsinki / Finland)
Next by Date: [ MDVSA-2009:097 ] clamav
Previous by thread: T2'09: Call for Papers 2009 (Helsinki / Finland)
Next by thread: SQL INJECTION (SHELL UPLOAD)--EZ-blog Beta2-->
Index(es):
- Date
- Thread