Message-ID: <013c01c399a7$b795ecb0$050010ac@Estila>
Date: Thu, 23 Oct 2003 22:53:30 +0200
From: "Lorenzo Hernandez Garcia-Hierro" <lorenzohgh@...g-security.com>
To: "Full-Disclosure" <full-disclosure@...ts.netsys.com>
Cc: "BUGTRAQ" <bugtraq@...urityfocus.com>
Subject: NASA WebSites Multiple Vulnerabilities ADVISORY opened to public access ( NASA websites Patched )


Hello friends,
I'm happy and sad in the same time.
The NASA websites are patched but they didn't contacted me after i sent the
access instructions to advisories, so,
i have now the advisory open and a complete action-mail/advisory log for
probe and provide the communication
between NASA staff and me.
__ ACCESS INFORMATION __
Advisory access:

http://advisories.nsrg-security.com/Nasa.gov-MV/

Mail & Action & Advisory Log :

http://advisories.nsrg-security.com/Nasa.gov-MV/mail-log.txt

ScreenShots:

http://advisories.nsrg-security.com/Nasa.gov-MV/screenshots/

__ <<<EOF __

That's all , about one week of work and a very short and strange
communication between NASA staff and me.
NOTE: not all the things are patched but i think that the most important ,
it's very possible that
the NASA staff will ignore some security holes....
Best regards to all people of Full-Disclosure , Nasa staff ( John ! ) ;-) ,
every body...
-------------------------------
0x00->Lorenzo Hernandez Garcia-Hierro
0x01->/* not csh but sh */
0x02->$ PATH=pretending!/usr/ucb/which sense
0x03-> no sense in pretending!
__________________________________
PGP: Keyfingerprint
4ACC D892 05F9 74F1 F453  7D62 6B4E B53E 9180 5F5B
ID: 0x91805F5B
**********************************
No Secure Root Group Security Research Team
http://www.nsrg-security.com
______________________


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists