|
|
|
Pragma Fortress sshd Exploit |
Si vous voulez bloquer ce service sur vos fils RSS
Si vous voulez nous contacter ou nous proposer un fil RSS
Menu > Articles de la revue de presse : - l'ensemble [ tous | francophone] - par mots clé [ tous] - par site [ tous] - le tagwall [ voir] - Top bi-hebdo de la revue de presse [ Voir]
Présentation : Snagged this from PasteBin. Looks like responsible disclosure fails again... Quote from the post I'm familiar with the telephone... it's quite possibly the most insecure form of communication we have on this set. I alerted you to the fact that your product pragma fortress sshd has a very dangerous exploit and that my version of your product no longer does.. and that if you want the fix it would only cost you one license and key.. I'm considering jacking up the price though. If this fact is not a reality to you, logon to your own box with the following command edit it first ssh -2C -l lowestaccessusername -t yourdomainnameorIPv4 at 12 30 reallynastycommand ..then try to do that on mine. - and you might want to have your product fixed and distributed to your clients before this data becomes public widespread information.. which will be happening soon. But you don't seem interested in my generous offer, you seem to want to try to get free information from me other than what I've disclosed to you. as far as your product being Government approved , which government agency do you claim is using your product Magizian On Wed, May 25 at 06 04 PM GMT 7 , Andrew Tull wrote Hunter, Certainly, but I also like to use the phone. Let me know when we can connect over the telephone. It's the device that has the wonky ten digit keypad on it. Andrew ________________________________________ From hunter1977 hushmail.com hunter1977 hushmail.com Sent Wednesday, May 25, 2011 4 50 PM To Andrew Tull Subject Re FW Follow up on evaluation of Pragma Systems Telnet and SSH solutions SSH -2Cp 20022 -l user magizian2.dyndns.org is my number, password is freeaccess you do know how to use ssh right - On Wed, May 25 at 11 25 AM GMT 7 , Andrew Tull wrote Hunter, I am following up on the below - let me know when I can reach you over the phone to talk further about your email below. I look forward to hearing back from you. Thank you, Andrew Tull Pragma Systems 512.219.7270 ________________________________________ From hunter1977 hushmail.com hunter1977 hushmail.com Sent Tuesday, May 24, 2011 8 22 PM To Andrew Tull Subject Re Follow up on evaluation of Pragma Systems Telnet and SSH solutions Well, I found an insecurity in your sshd that allowed anyone to run virtually any command via the ssh -t flag, and absolutely any command when combined with the w32 at command... patched it, so the exploit no longer exists for me.. if you want it, it's only gonna cost you a free key. If you don't want it, then you probably left that insecurity in there on purpose. Hunter Reon Barnes Magizian SSH -2Cp 20022 -l user magizian2.dyndns.org password for user is freeaccess On Mon, May 23 at 11 01 PM GMT 7 , andrew.tull pragmasys.com wrote May 24, 2011 Dear hunter barnes, I hope all is well with you as you continue your evaluation of the Pragma technologies. I am following up with you to see how your evaluation is progressing If you require technical support, you may contact us at support pragmasys.com. If you have any sales related questions, please do not hesitate to contact me directly. I look forward to hearing back from you. Best regards, Andrew Tull Vice President, Sales Marketing Pragma Systems, Inc. 13809 Research Blvd, Suite 675 Austin, Texas 78750 512.219.7270 office 512.219.7110 fax 206.601.5516 cell andrew.tull pragmasys.com ... Well...if you could patch up... Link http pastebin.com EwcBh2Xr
Les mots clés de la revue de presse pour cet article : exploit
Les videos sur SecuObs pour les mots clés : exploit
Les mots clés pour les articles publiés sur SecuObs : exploit
Les éléments de la revue Twitter pour les mots clé : exploit
Les derniers articles du site "Security for the Masses" :
- LulzSec Next Op Sownage
- LulzSec Laughing at your security since 2011
- Black History Canada Website Being Probed
- 50 Cpanels Hacked. Is Your Website Here
- Tor Developers Worked for Navy, NSA
- DoD Memo on PKI
- Ozeki.hu Hacked and Exposed
- Latest Prices for EU CC - Stolen of Course
- Hackers Want Help Hacking Your Web Site...
- Latest from US-CERT
Menu > Articles de la revue de presse : - l'ensemble [ tous | francophone] - par mots clé [ tous] - par site [ tous] - le tagwall [ voir] - Top bi-hebdo de la revue de presse [ Voir]
Si vous voulez bloquer ce service sur vos fils RSS :
- avec iptables "iptables -A INPUT -s 88.190.17.190 --dport 80 -j DROP"
- avec ipfw et wipfw "ipfw add deny from 88.190.17.190 to any 80"
- Nous contacter par mail
| Mini-Tagwall des articles publiés sur SecuObs : | | | | sécurité, exploit, windows, attaque, outil, microsoft, réseau, audit, metasploit, vulnérabilité, système, virus, internet, usbsploit, données, source, linux, protocol, présentation, scanne, réseaux, scanner, bluetooth, conférence, reverse, shell, meterpreter, vista, rootkit, détection, mobile, security, malicieux, engineering, téléphone, paquet, trames, https, noyau, utilisant, intel, wishmaster, google, sysun, libre |
| Mini-Tagwall de l'annuaire video : | | | | curit, security, biomet, metasploit, biometric, cking, password, windows, botnet, defcon, tutorial, crypt, xploit, exploit, lockpicking, linux, attack, wireshark, vmware, rootkit, conference, network, shmoocon, backtrack, virus, conficker, elcom, etter, elcomsoft, server, meterpreter, openvpn, ettercap, openbs, iphone, shell, openbsd, iptables, securitytube, deepsec, source, office, systm, openssh, radio |
| Mini-Tagwall des articles de la revue de presse : | | | | security, microsoft, windows, hacker, attack, network, vulnerability, google, exploit, malware, internet, remote, iphone, server, inject, patch, apple, twitter, mobile, virus, ebook, facebook, vulnérabilité, crypt, source, linux, password, intel, research, virtual, phish, access, tutorial, trojan, social, privacy, firefox, adobe, overflow, office, cisco, conficker, botnet, pirate, sécurité |
| Mini-Tagwall des Tweets de la revue Twitter : | | | | security, linux, botnet, attack, metasploit, cisco, defcon, phish, exploit, google, inject, server, firewall, network, twitter, vmware, windows, microsoft, compliance, vulnerability, python, engineering, source, kernel, crypt, social, overflow, nessus, crack, hacker, virus, iphone, patch, virtual, javascript, malware, conficker, pentest, research, email, password, adobe, apache, proxy, backtrack |
|
|
|
|
|
