| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu Sep 8 20:23:46 2005 From: y0himba at technolounge.org (y0himba) Subject: Socks Vulnerability Also Effects Underwear(Package Compromised) Software vendor (Kmart) notified. I am the hardware vendor, so no notification is needed. -----Original Message----- From: Mike Hoye [mailto:mhoye@...n.polkaroo.net] Sent: Thursday, September 08, 2005 3:22 PM To: y0himba Cc: full-disclosure@...ts.grok.org.uk Subject: Re: [Full-disclosure] Socks Vulnerability Also Effects Underwear(Package Compromised) On Thu, Sep 08, 2005 at 02:39:15PM -0400, y0himba wrote: > Date: 9/8/2005 > Vulnerability Found: Hole In y0himba's Underwear > Affected System: Male Underwear(Possibly Female As Well) I've done some preliminary analysis of this problem, and it appears to be much worse than the earlier Sock vulnerabilities. This particular ware ships with _three_ unpatched holes, and occasionally a fourth that is only slightly secured. Nevertheless, it was deeply irresponsible of y0himba to disclose this information without first notifying the manufacturer, and allowing them the time to investigate these holes and patch them. -- "Those who ignore history are doomed to repeat it. Those who study history are doomed to know it's repeating." - John Witlock
Powered by blists - more mailing lists