lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 11 Dec 2007 12:28:29 -0800 From: "Porco Graxa" <porco.graxa@...il.com> To: full-disclosure@...ts.grok.org.uk Subject: Re: Google / GMail bug, all accounts vulnerable GPS 0-day Advisory: obvious Clown Town Faggotry Kristian Hermafoditas, you have once agained summoned the beasts security group Fatty Pig Seguranca with this lame Gmail not security of issue. An obvious issue without real merit. Moreover, not discovered by you. Ask the google for "Gmail logout CSRF" or "Google logout csrf" and approximately 9 billion query results come immediately. http://www.0x000000.com/index.php?i=382 http://www.gnucitizen.org/blog/persistent-csrf-and-the-hotlink-hell/ Unfortunately, you fail basic unethical test and tell GPS to wait for paper to introduce such a simple consultation. We will not wait for stupid paper. Your paper is not worth the ink your greasy bearded hands type the paper with. The Internet has to bring the truth, we are guessing not friends. Your "exploits" make GPS laugh and roll in much beef (http://www.milw0rm.com/author/588) "Ubuntu Breezy 5.10 Installer Password Disclosure Vulnerability" http://www.milw0rm.com/exploits/1579 It is a front for "cat". How you write this and still cuddle with your sister? "Ubuntu / Debian Apache 1.3.33/1.3.34 (CGI TTY) Local Root Exploit" http://www.milw0rm.com/exploits/3384 Maybe this one is real I do not run silly fancy graphics OS to try it out. "Gimp 2.2.14 RAS vuln" http://www.milw0rm.com/exploits/3888 That DownExec shellcode look nice. It was useful when you grabbed it from Metasploit? Perhaps you should give the president credit before telling security world you create the good shellcode. (Through much use of diff, GPS has discovered these security codes are Metasploit Windows Reverse Run with no Encoder) "MS Windows Vista forged package ARP Network Stack DoS Exploit" http://www.milw0rm.com/exploits/3926 Symantec (who discovered the vulnerability), explains: "These are two sub-demand access to the network, are not new and have limited solutions available." I had to read much of your spooge ASCII art and crap argument analyze code to discover that you were not doing anything. Think band is free? "MySQL <= 5.0.45 (Change) Vulnerability denial of service" http://www.milw0rm.com/exploits/4615 You need ALTER permissions. It is most surprising that alter permissions on database lead to much delay. Kristian 'I have no special talent I am just bi-curious' Hermafoditas, not write such de encontro a engraçado the time of the research Comunidade. porco graxa Gordos Pig Seguranca _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists