lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
From: shrdlu at deaddrop.org (Etaoin Shrdlu)
Subject: Re: Geeklog Multiple Versions Vulnerabilities

Daniel Bartlett wrote:
> On 10/4/2003, "Michael Renzmann" <security@...anic.de> wrote:
> 
> >Hi all.
> >
> >Lorenzo Hernandez Garcia-Hierro wrote:
> >> Geeklog Multiple Versions Vulnerabilities
> >> ------
> >> PRODUCT: Geeklog
> >> VENDOR: Geeklog
> >> VULNERABLE VERSIONS:
> >[...]
> >
> >Is it just me, or did anyone else notice that this vulnerability report
> >comes through once or twice every day since about the beginning of this
> >week? As far as I could see it's always the same text, without any
> >changes...

> No its not just you, I was thinking it also....
> Does someone maybe want their name seen alot?
> Daniel.

{ugh. Top posting. I reformatted.}

It isn't the original poster that was the problem (even if it was a stupid
and pointless advisory). There is a remailer whose name ends in .fr (sorry,
I don't have any of those emails, and can't remember what it was) that is
causing the problem. In addition, it was cross-posted to bugtraq, so we are
guaranteed to see it at least twice. I so wish that folk wouldn't do this,
btw, since it's really hard on any list that was posted to in addition to
bugtraq. I've removed all the CCs in this, but any discussion that makes it
onto bugtraq is going to show up at least once more here, thanks to their
brain-dead mailer.

If you still have the original message, take a look at the headers of any
of the copies. It isn't from Lorenzo, it's from the remailer in France.
Which reminds me: I've seen this same stupidity on at least one other list
from the same remailer. Whoever you are, fix it or unsubscribe! In fact,
novappc@...appc.com seems to be the one commonality in these two lists...
Guess it IS back to Lorenzo. Yep, Lorenzo's domain, novappc.com does indeed
lead back to amen.fr, which is probably where that danged remailer starts
from... Heads up, Lorenzo, boy.

--
When you wish to instruct be brief -- so that people's minds
can quickly grasp what you have to say, understand your point,
and retain it accurately. Unnecessary words just spill over the
side of a mind already crammed to the full.     (Cicero)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ