| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20030307214302.13205.qmail@web13114.mail.yahoo.com>
From: d4yj4y at yahoo.com (Day Jay)
Subject: [argv] PHC Threatcon Monitor & Hacklog Vulnerable
LMFAO!
LOLZ!
--- ARGV <argv@...hmail.com> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
>
> 1. Topic:
> Threatcon monitor
> Hacklog
>
> OMG WTF LOL -- OHDAY PHC EXPLOIT -- OMG WTF LOL
>
> 2. Relevant versions:
> Vulnerable: 1.0
>
> Not Vulnerable: NONE!
>
> 3. Problem description:
> OMG WTF LOL!
>
> http://phrack.efnet.ru/threatbar.c
>
> if ((ffd = open(filename, O_WRONLY | O_CREAT)) < 0)
>
> OMG WTF LOL -- RACE CONDITION -- OMG WTF LOL!!!!!!
>
> TMP RACE 101:
> MAKE SYMLINK TO /etc/shadow IN /tmp MATCHING
> FILENAME
> WAIT FOR 31337 H4X0R TO RUN THREATBAR
> ...
> PROFIT!
>
> http://phrack.efnet.ru/hacklog.c
>
> OMG WTF LOL -- ANOTHER BUG -- OMG WTF LOL!!!!
>
> if (argc != 3)
> {
> fprintf (stderr, "Usage: %s <typescript>
> <timing-file>\n",
> argv[0]);
>
> WHOA MAN, WHAT IF ARGV IS NULL? WHOA MAN! OMG WTF
> LOL!!!
>
> 4. Workaround:
> BOW DOWN TO ME, THE GREAT TSAO
> ME SO SMART OMG WTF LOL!!!
>
> 5. References:
> THANKS TO SHIFTEE FOR THE EXPLOITZZZ OMG LOL!!!
>
> 6. Contact:
> argv@...hmail.com
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: Hush 2.2 (Java)
> Note: This signature can be verified at
> https://www.hushtools.com/verify
>
>
wlkEARECABkFAj5owsUSHGFyZ3ZAaHVzaG1haWwuY29tAAoJEO/BXrpp9Bkpw/MAoKSB
>
0Ault9S+OEhzfn3HcGo1YnpnAKCbVkFThlAMs4GeOcWAcJbavXNR5g==
> =83gT
> -----END PGP SIGNATURE-----
>
>
>
>
> Concerned about your privacy? Follow this link to
> get
> FREE encrypted email: https://www.hushmail.com/?l=2
>
> Big $$$ to be made with the HushMail Affiliate
> Program:
>
https://www.hushmail.com/about.php?subloc=affiliate&l=427
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
http://lists.netsys.com/full-disclosure-charter.html
__________________________________________________
Do you Yahoo!?
Yahoo! Tax Center - forms, calculators, tips, more
http://taxes.yahoo.com/
Powered by blists - more mailing lists