lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20020915035749.A3062@hamsec.aurora.sfo.interquest.net>
From: silvio at big.net.au (silvio@....net.au)
Subject: openbsd /bin/ls advisory (oh erm.. ALERT)

ALERT..

u change the COLUMNS env variable in obsd to < 0, and it will actually
"ignore" it and use 1 column when doing /bin/ls -x

also.. try changing it to just a string. long live atoi.

its not a bug, its a feature!

!!!!

OK.. this isnt to bag openbsd since they are very quick and take security
seriously (though many people say otherwise).  this is simply a threatcon -0.13
advisory and hence, with negative threatcons, advisories like this are the
norm.


ok.. back to seriousness.

I once lived with a guy in australia, that said he was some martial arts
ninja (kickboxing?) or something.. he wasn't exactly the most "charasmatic"
guy i have lived with, and infact i think had some serious integration
problems.

his ninja skills were uncertain i must say.. although he sure could wave
his hands in the air alot..  i did not live with him for very long.

my beautiful verendah, partitioned walling using bed sheets accomodation..
I didn't even have a telephone, let alone a net connection! hehe


so.. i think the best thing we should all do know, is start hyping up security
so we can arrest some guy on the net who just learnt how to google search
for 0040.mpeg.  I suspect the 0040.mpeg people are very sinister indeed,
operating in cell's with systemetic intent on being malicious.

and for those who know how to use google.. well.. shit.. i just told u
about 0040.mpeg hacking ! (ps. i have no google skills)

--
Silvio

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ