lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1619535919.20041224103444@ua.fm>
From: y_avenger_y at ua.fm (Alex V. Lukyanenko)
Subject: Shoe 1.0 - Remote Lace Overflow

Hello.
I understand the concept of Funn-Disclosure, but did you conact all
the affected vendors and wait at least one week for initial response?

-- 
Alex V. Lukyanenko | 86195208@icq | y_avenger_y@...fm



Wednesday, December 22, 2004, 6:20:45 PM, you wrote:

a0o>  Shoe 1.0 - Remote Lace Overflow
a0o>  --------------------------------------------

a0o>  This Vulnerability is in reference to the new class of remote vulnerabilities
a0o>  indicated in: 
a0o> 
a0o> http://www.securityfocus.com/archive/1/385078/2004-12-19/2004-12-25/2
a0o>  [Please read that first] 

a0o>  Discovery Credited To:
a0o>  ----------------------
a0o>  	freshman - 0x90.org
a0o>  	wxs      - 0x90.org
a0o>  	txs      - 0x90.org

a0o>  Greets:
a0o>  -------
a0o>  Jonathan T. Rockway for being the smartest man alive.

a0o>  Description:
a0o>  ------------
a0o>  A remote shoe vulnerability exists that could allow for remote tripping and
a0o>  possible exposure of sensitive data to the pavement.

a0o>  Scope:
a0o>  ------
a0o>  REMOTE

a0o>  Severity:
a0o>  ---------
a0o>  Hyper-Critical. This needs no explanation.

a0o>  Vulnerability:
a0o>  --------------
a0o>  Failure to properly tie your shoe could result in tripping and a possible
a0o>  broken face upon sudden deceleration when hitting the pavement.

a0o>  Vulnerable Sizes: 
a0o>  -----------------
a0o>  6 through 13. Other sizes may be vulnerable, but were unavailable for testing.

a0o>  Exploitation:
a0o>  -------------
a0o>  You have a 100% secure walking system - you do not fall down, or trip over
a0o>  your own laces.  A remote attacker could determine your shoe size by reading
a0o>  your livejournal FROM THE NETWORK and could MAIL YOU a shoe with extra long
a0o>  laces.  You put the shoe on without tying it properly and suddenly are exposed
a0o>  to a REMOTE shoe vulnerability!

a0o>  Fix:
a0o>  ----
a0o>  Do not wear untrusted shoes sent to you. Other possible workarounds include
a0o>  sandals (aka. flip-flops). These are a good work-around and are widely
a0o>  available for those concerned about their security. 

a0o>  Vendor Notification:
a0o>  --------------------
a0o>  Vendors were not notified at the time of this writing.  We have choosen not to
a0o>  give advance notice because the fault is not always with the vendor of the
a0o>  shoe as a REMOTE PERSON could SNAIL MAIL a LOCAL USER a  vulnerable shoe.

a0o>  We at 0x90.org believe that the users should be happy they were notified about
a0o>  this.  Imagine the mass destruction and chaos that would ensue if we unleashed
a0o>  a REMOTE SHOE VULNERABILITY WORM into the wild.  At this time we have choosen
a0o>  not to do that, mostly because we can not afford all the stamps to mail
a0o>  vulnerable shoes to the public.


a0o> _______________________________________________
a0o> Full-Disclosure - We believe in it.
a0o> Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ