lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 23 Oct 2003 22:53:30 +0200
From: "Lorenzo Hernandez Garcia-Hierro" <lorenzohgh@...g-security.com>
To: "Full-Disclosure" <full-disclosure@...ts.netsys.com>
Cc: "BUGTRAQ" <bugtraq@...urityfocus.com>
Subject: NASA WebSites Multiple Vulnerabilities ADVISORY opened to public access ( NASA websites Patched )


Hello friends,
I'm happy and sad in the same time.
The NASA websites are patched but they didn't contacted me after i sent the
access instructions to advisories, so,
i have now the advisory open and a complete action-mail/advisory log for
probe and provide the communication
between NASA staff and me.
__ ACCESS INFORMATION __
Advisory access:

http://advisories.nsrg-security.com/Nasa.gov-MV/

Mail & Action & Advisory Log :

http://advisories.nsrg-security.com/Nasa.gov-MV/mail-log.txt

ScreenShots:

http://advisories.nsrg-security.com/Nasa.gov-MV/screenshots/

__ <<<EOF __

That's all , about one week of work and a very short and strange
communication between NASA staff and me.
NOTE: not all the things are patched but i think that the most important ,
it's very possible that
the NASA staff will ignore some security holes....
Best regards to all people of Full-Disclosure , Nasa staff ( John ! ) ;-) ,
every body...
-------------------------------
0x00->Lorenzo Hernandez Garcia-Hierro
0x01->/* not csh but sh */
0x02->$ PATH=pretending!/usr/ucb/which sense
0x03-> no sense in pretending!
__________________________________
PGP: Keyfingerprint
4ACC D892 05F9 74F1 F453  7D62 6B4E B53E 9180 5F5B
ID: 0x91805F5B
**********************************
No Secure Root Group Security Research Team
http://www.nsrg-security.com
______________________


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


Powered by blists - more mailing lists