lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Sun May 21 03:50:12 2006
From: 0x80 at hush.ai (0x80@...h.ai)
Subject: Microsoft MSDTC NdrAllocate Validation
	Vulnerability

Damn hushmail.

$18,500.00 US was the final selling price.  They offered a bit more 
for exlusivity for any future bugs but I turned them down.  The 
buyer wishes to remain anonymous.

All funds have been recieved in my account.  More bugs are coming 
soon.

On Sat, 20 May 2006 19:26:04 -0700 "ad@...poverflow.com" 
<ad@...poverflow.com> wrote:
>try to check the list archive which got it correctly
>
>http://lists.grok.org.uk/pipermail/full-disclosure/2006-
>May/046196.html
>
>
>huhu
>
>
>0x80@...h.ai wrote:
>> What is with the constant blank replies from this guy?  Is he a 
>> chink who doesn't know how to use email?
>>
>> On Sat, 20 May 2006 16:47:10 -0700 "ad@...poverflow.com" 
>> <ad@...poverflow.com> wrote:
>>   
>>> 0x80@...h.ai wrote:
>>>     
>>>> I sold both of them to the same buyer and we figured out why I
>>>> wasn't able to exploit it on IE 6.0.
>>>>
>>>> On Wed, 17 May 2006 01:48:38 -0700 Rajesh V 
><rvarada@...il.com>
>>>> wrote:
>>>>       
>>>>> Since this has turned into a spam thread anyway, does anyone 
>>>>>         
>>> know
>>>     
>>>>> whatever happend to that IE7 exploit this guy was trying to 
>>>>>         
>> sell
>>   
>>>>> here?
>>>>>
>>>>>
>>>>>
>>>>> On 5/17/06, 0x80@...h.ai <0x80@...h.ai> wrote:
>>>>>         
>>>>>> AM I BUGGING YOU?  AM I BUGGING YOU?  AM I BUGGING YOU?  AM 
>I
>>>>>> BUGGING YOU?  AM I BUGGING YOU?  AM I BUGGING YOU?  AM I 
>>>>>>           
>>> BUGGING
>>>     
>>>>>> YOU?  AM I BUGGING YOU?  AM I BUGGING YOU?  AM I BUGGING 
>YOU? 
>>>>>>           
>>>>> AM I
>>>>>         
>>>>>> BUGGING YOU?  AM I BUGGING YOU?  AM I BUGGING YOU?  AM I 
>>>>>>           
>>> BUGGING
>>>     
>>>>>> YOU?  AM I BUGGING YOU?  AM I BUGGING YOU?  AM I BUGGING 
>YOU? 
>>>>>>           
>>>>> AM I
>>>>>         
>>>>>> BUGGING YOU?  AM I BUGGING YOU?  AM I BUGGING YOU?  AM I 
>>>>>>           
>>> BUGGING
>>>     
>>>>>> YOU?  AM I BUGGING YOU?  AM I BUGGING YOU?  AM I BUGGING 
>YOU? 
>>>>>>           
>>>>> AM I
>>>>>         
>>>>>> BUGGING YOU?
>>>>>>
>>>>>> On Tue, 16 May 2006 00:57:27 -0700 ". Solo" 
>>>>>>           
>>> <soloaway@...il.com>
>>>     
>>>>>> wrote:
>>>>>>           
>>>>>>> Shut the fuck up  please~~
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> 2006/5/16, 0x80@...h.ai <0x80@...h.ai>:
>>>>>>>             
>>>>>>>> Ahhh there is a mature response.
>>>>>>>>
>>>>>>>>
>>>>>>>> On Thu, 11 May 2006 20:14:49 -0700 ". Solo"
>>>>>>>>               
>>>>> <soloaway@...il.com>
>>>>>         
>>>>>>>> wrote:
>>>>>>>>               
>>>>>>>>> Shut the fuck up!!
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> 2006/5/11, 0x80@...h.ai <0x80@...h.ai>:
>>>>>>>>>                 
>>>>>>>>>> Shouldnt this be considered low risk and not medium?
>>>>>>>>>>
>>>>>>>>>>                   
>>>>>> Concerned about your privacy? Instantly send FREE secure 
>>>>>>           
>> email,
>>   
>>>>> no account required
>>>>>         
>>>>>> http://www.hushmail.com/send?l=480
>>>>>>
>>>>>> Get the best prices on SSL certificates from Hushmail
>>>>>> https://www.hushssl.com?l=485
>>>>>>
>>>>>> _______________________________________________
>>>>>> Full-Disclosure - We believe in it.
>>>>>> Charter: http://lists.grok.org.uk/full-disclosure-
>charter.html
>>>>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>>>>
>>>>>>           
>>>>> _______________________________________________
>>>>> Full-Disclosure - We believe in it.
>>>>> Charter: http://lists.grok.org.uk/full-disclosure-
>charter.html
>>>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>>>         
>>>>
>>>> Concerned about your privacy? Instantly send FREE secure 
>email, 
>>>>       
>>> no
>>> account required
>>>     
>>>> http://www.hushmail.com/send?l=480
>>>>
>>>> Get the best prices on SSL certificates from Hushmail
>>>> https://www.hushssl.com?l=485
>>>>
>>>> _______________________________________________
>>>> Full-Disclosure - We believe in it.
>>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>>
>>>>
>>>> __________ NOD32 1.1550 (20060520) Information __________
>>>>
>>>> This message was checked by NOD32 antivirus system.
>>>> http://www.eset.com
>>>>
>>>>
>>>>
>>>>       
>>
>>
>>
>> Concerned about your privacy? Instantly send FREE secure email, 
>no account required
>> http://www.hushmail.com/send?l=480
>>
>> Get the best prices on SSL certificates from Hushmail
>> https://www.hushssl.com?l=485
>>
>>
>>
>> __________ NOD32 1.1551 (20060521) Information __________
>>
>> This message was checked by NOD32 antivirus system.
>> http://www.eset.com
>>
>>
>>
>>



Concerned about your privacy? Instantly send FREE secure email, no account required
http://www.hushmail.com/send?l=480

Get the best prices on SSL certificates from Hushmail
https://www.hushssl.com?l=485

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ