Berkeley CSUA MOTD:Entry 15392
Berkeley CSUA MOTD
 
WIKI | FAQ | Tech FAQ
http://csua.com/feed/
2025/04/04 [General] UID:1000 Activity:popular
4/4     

1999/2/10-11 [Computer/HW/CPU, Computer/SW/OS] UID:15392 Activity:nil
2/9     Any local mirrors of the wu-ftpd patches? (either src or x86 RPMs)
        \_ what exactly was this exploit?
        \_ no patches known for the academ-wuftpd yet.  the exploit
           was a buffer overflow involving really long pathnames
           which can be created by an ftp user creating a very deep
           directory strucutstructure in a world writeable directory such
           as the incoming directory.
2025/04/04 [General] UID:1000 Activity:popular
4/4     

You may also be interested in these entries...
2011/11/29-2012/1/10 [Computer/HW/Printer] UID:54245 Activity:nil
11/29   HP printers might have a remote exploit that could set them on fire:
        http://preview.tinyurl.com/brh9bbq [ars technica]
        \_ Finally a use for the "printer on fire" error code!
           http://en.wikipedia.org/wiki/Lp0_on_fire
	...
2011/11/9-30 [Computer/SW/Security, Computer/SW/OS/OsX] UID:54219 Activity:nil
11/9    Unsigned code execution exploit in iOS 4.3 & 5:
        http://preview.tinyurl.com/bslubtu [arstechnica]
        \_ Fixed in iOS 5.0.1:
           http://preview.tinyurl.com/7l4vq52 [macobserver]
	...
2009/7/26-29 [Computer/SW/Security] UID:53200 Activity:nil
7/25    so is this a remote ssh exploit ?
        http://users.volja.net/database/matasano.PNG
        \_ No but this is:
           soda> ssh anywhere
	...
2009/7/8-16 [Computer/SW/OS/Linux, Computer/SW/Unix] UID:53124 Activity:nil
7/7     what happened to our web presence? http://www.csua.berkeley.edu
        not working
    \_ That would be because we've yet to set them up afaik. Steven *does* have
    a job after all. The idea is that we want a separate computer mounting the
    web directories, so that if an exploit compromises the webserver, the shell
    server (soda) itself will be insulated from the attack.
	...
2009/3/8-17 [Computer/SW/Unix] UID:52685 Activity:kinda low
3/8     I'm reading about an old exploit where someone used a buffer overflow
        in a printer daemon to get "daemon privileges," which allowed them
        to use another exploit on the mail delivery program to get root.  I'm
        not sure what daemon privileges are.  Is there some set of priveleges
        that most daemons run on that is higher than user but lower than root?
        What are they?  I've never heard this before.
	...
2008/12/10-16 [Computer/HW/CPU, Computer/HW/Drives] UID:52220 Activity:moderate
12/9    Another idea for the CSUA that lets you spend money and maybe get some
    cool toys. Instead of buying a beefy server (like say, a massive server
    with 20 386DX processors), buy a few cheap machines (like the ones
    mentioned below) that have good disks and work on failover / load
    balancing. A netscaler or other piece of hardware is complete overkill,
    but maybe hacking an OpenBSD box could do the trick. The idea is that
	...
2008/8/19-21 [Politics/Domestic/Crime, Computer/SW/OS] UID:50907 Activity:high
8/19    Exploit code downloads backdoor from two sources one .cc one local
        box on <DEAD>icq-mail.net<DEAD> (an link:secureserver.net) (upstream isp is sbcglobal
        (now ATT)).  both sources are still serving up the malicious .EXEs
        Who should I report this to?
        \_ are you getting DKAMINSKY DNS EXPLOITED???????????
           \_ no, i'm getting "my users are dumb asses" exploited.
	...