lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <001a01c259d0$f3c9bf30$af00a8c0@orange>
From: mcgehrin at reverse.net (Matthew McGehrin)
Subject: IMPORTANT SECURITY ADVISORY PLEASE READ!

Perhaps its time for a second list.

Full-disclosure-humor :)

----- Original Message -----
From: "Percival, Ray" <Ray.Percival@...mit.fiserv.com>
To: <ashlieangel86@...mail.com>; <full-disclosure@...ts.netsys.com>
Sent: Wednesday, September 11, 2002 3:51 PM
Subject: RE: [Full-Disclosure] IMPORTANT SECURITY ADVISORY PLEASE READ!


> There is also the one where a guy with a stick sneaks up behind you and
hits you on the head then does bad things to your system. Watch out for this
one. :)
>
> Ray
>
> -----Original Message-----
> From: segfault
> Sent: Wednesday, September 11, 2002 12:48 PM
> To: full-disclosure@...ts.netsys.com
> Subject: [Full-Disclosure] IMPORTANT SECURITY ADVISORY PLEASE READ!
>
>
>
>  V4GU3-Disclosure
>  http://www.imprettysure.com
>
>  !Security Advisory!
>
>  Advisory Name: This could be bad.
>
>  Application: A widely used daemon.
>
>  Platform: A widely used platform.
>
>  Date:  9.11.02
>
>  Severity: We speculate attacker could potentially do very bad things
>    to you're machine if you do not immediately download the
>    security patch from a website we're not sure exists.
>
>  Overview: This service listens on a port and waits for a connection
>    from a client, then the service retrieves authentication
>    information from the client.  Once authenticated, the client
>    can use the service.
>
>  Description: Exploitation of a bug in this service could give an attacker
>    ROOT level access to an unpatched machine.  We're pretty sure
>    the bug is a buffer overflow somewhere, but we know for
>    certain it is exploitable, and is very dangerous.
>
>  Exploit: /* exploit.c by V4GU3-Disclosure staff.
>
>       This program must be run for the exploit to work.
>
>       Suggested arguments are:  +vxz 49
>
>       Make sure you are ROOT when you run this!
>
>    */
>
>    #include <stdio.h>
>    #include <somethingimportant.h>
>    #include <ifyoudontincludethisitwontwork.h>
>    #include <rootkit.h>
>
>    int main()
>    {
>     printf("FUCKING OWNED!")
>     return(0);
>    }
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ