lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
From: arjen.de.landgraaf at cologic.co.nz (Arjen De Landgraaf)
Subject: openssl exploit code

Well, let's see what happens with this post :)

We have taken the initiative to place a completely free,
very extensive and complete ICT security vulnerability 
database on the web, for the IT security world to 
use as a possible resource.

www.e-secure-db

E-Secure-DB is the result of a full-time team 24 x 7 
over the last  two years.   Each of the items entered
in the DB over that time has  been checked by at  
least one person.  No automated posting, 
although we do have most of the  harvesting automated. 

No news items like "Man Hacked to Death in Papua 
New Guinea" here, only relevant IT security stuff (well, we think).

Over 60,000 items, with between 50-100 added daily.
The database is organised in a tree structure, with
around 2500 folders on almost any subject, including 
product vulns, viruses, news, information etc. No empty folders:)

Updates - last batch update 16 Sept 03.00 New Zealand 
time (GMT +12). 

For instance: Info on Slapper / SSL worm in the 
SSL/OpenSSL folder:

http://www.e-secure-db.us/dscgi/ds.py/View/Collection-348

If anyone on this list finds any dead links, or anything 
else we can improve or change in  www.e-secure-db.us
to make it work better for you, let us know.

mail to: quality@...ecure-it.co.nz

Feedback really appreciated.

Arjen
CSL
Auckland
New Zealand









-----Original Message-----
From: core@...eoa.com [mailto:core@...eoa.com]
Sent: Tuesday, 17 September 2002 10:55 a.m.
To: Dave Ahmad; full-disclosure@...ts.netsys.com
Subject: Re: [Full-Disclosure] openssl exploit code


Solar, Dave, hellNbak, all,

On Mon, Sep 16, 2002 at 04:08:54PM -0500, Solar Eclipse wrote:
> On Mon, Sep 16, 2002 at 02:16:05PM -0600, Dave Ahmad wrote:
> > An exploit code that lists you as the author has been posted to Bugtraq.
> > I would like to request your permission before approving it for
> > distribution on the list.

That's interesting as a bugtraq moderator approved a post of
an exploit of mine without asking for consent. Namely
RaQFuCK.sh. What's worse? I attempted to reply to the person who
posted my exploit and discuss that I had only sent the exploit to
full-disclosure but this little piece of information was conveniently
withheld from bugtraq subscribers. Comments?

peace,
core

-- 
  Charles Stevenson (core) <core@...eoa.com>
  Lab Assistant, College of Eastern Utah San Juan Campus 
  http://www.bokeoa.com/~core/core.asc

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ