[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <7edf447e05011107057e2f07b3@mail.gmail.com>
Date: Tue, 11 Jan 2005 07:05:12 -0800
From: stonersavant <dank.krew@...il.com>
To: Nancy Kramer <nekramer@...dtheater.net>
Cc: "announce@...0.org" <announce@...0.org>, Thomas Sutpen <sutpen@...il.com>,
dailydave@...unitysec.com, bugtraq@...urityfocus.com,
full-disclosure@...ts.netsys.com
Subject: Re: Shoe 1.0 - Remote Lace Overflow
I tested this in my lab. I'm happy to report that s10.5 Ninja Tabi
boots appear to be unaffected by the vulnerability.
savant
http://johnny.ihackstuff.com
On Sun, 26 Dec 2004 19:45:54 -0500, Nancy Kramer
<nekramer@...dtheater.net> wrote:
> The points on cowboy boots are also great for stepping on cockroaches in
> corners thereby helping one maintain a bug free environment.
>
> Regards,
>
> Nancy Kramer
> Webmaster http://www.americandreamcars.com
> Free Color Picture Ads for Collector Cars
> One of the Ten Best Places To Buy or Sell a Collector Car on the Web
>
>
> At 06:49 PM 12/25/2004, Thomas Sutpen wrote:
>
> >On Wed, 22 Dec 2004 11:20:45 -0500, announce@...0.org <announce@...0.org>
> >wrote:
> >[...]
> > > Vulnerable Sizes:
> > > -----------------
> > > 6 through 13. Other sizes may be vulnerable, but were unavailable for
> > testing.
> >
> >Cursory note: The guy with the size 13s must get all the chicks. You
> >know what they say ....
> >
> >[...]
> >
> > > Fix:
> > > ----
> > > Do not wear untrusted shoes sent to you. Other possible workarounds
> > include
> > > sandals (aka. flip-flops). These are a good work-around and are widely
> > > available for those concerned about their security.
> >
> >Merrell also makes a "Jungle Moc" that is a mitigating factor to this
> >vulnerability. All shoes of similar "Moccasin" styles, as well as
> >Cowboy Boots, also seem to be unaffected. Cowboy Boots with spurs
> >seem to add an additional layer of security, as well as cool points.
> >
> >Review of their website seems to indicate that they're going to be
> >discontinuing the line, though. So, with Boxing Day tommorrow, I'd
> >recommend snapping up a few pairs as a cautionary posture against the
> >possibility of future attacks.
> >
> >[...]
> >
> >TS
> >_______________________________________________
> >Full-Disclosure - We believe in it.
> >Charter: http://lists.netsys.com/full-disclosure-charter.html
> >
> >
> >
> >
> >---
> >Incoming mail is certified Virus Free.
> >Checked by AVG anti-virus system (http://www.grisoft.com).
> >Version: 6.0.822 / Virus Database: 560 - Release Date: 12/22/2004
>
>
>
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.822 / Virus Database: 560 - Release Date: 12/22/2004
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>
>
--
someone is watching you.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists