lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <00d401c5b4b0$c1c05ba0$1214dd80@corp.emc.com>
Date: Thu Sep  8 21:06:19 2005
From: exibar at thelair.com (Exibar)
Subject: Secuirty Hole Found In Dave's Sock

the Soloman socks..... long may they live :-)

Exibar
----- Original Message ----- 
From: "Mary Landesman" <mlande@...lsouth.net>
To: <full-disclosure@...ts.grok.org.uk>
Sent: Thursday, September 08, 2005 2:33 PM
Subject: Re: [Full-disclosure] Secuirty Hole Found In Dave's Sock


> This flaw is incredibly old. In the latter part of the 90s, Dr. Solomon's
> antivirus team assisted afflicted users by distributing socks at various
> worldwide conferences. Alas, the socks - and presumably the antivirus
> software - were later acquired by McAfee, Inc. Since then, McAfee has not
> only failed to continue supporting the socks that were released by
Solomon,
> it has not updated nor released any further socks. As such, the
> vulnerability has been largely ignored - only to be 'rediscovered' by Dave
> several years later.
>
> Another flaw with Dave's report: He indicates the vulnerable system is the
> Right sock. Indeed, research consistently indicates the Left sock is
equally
> vulnerable.
>
> Regards,
> -- Mary
>
> ----- Original Message ----- 
> From: "Dave Cawley" <dave.cawley@...lphia.com>
> To: <full-disclosure@...ts.grok.org.uk>
> Sent: Thursday, September 08, 2005 12:10 PM
> Subject: [Full-disclosure] Secuirty Hole Found In Dave's Sock
>
>
> Date: 9/8/2005
>
> Vulnerability Found:   Hole In Dave's Socket
>
> Affected System: Dave's Right Sock
>
> Severity: Rating: Moderately Critical
> Impact: System access
> Where:  Foot
>
> Description of Vulnerability:  This morning while putting my socks
> on I found a small (1/4 inch) hole by my big toe. This could be
> exploited by a virus through the bottom of the foot or under the
> toe nail. This could be used to compromise Dave's entire system.
>
> Solution: No permanent solution is currently available. A work
> around is to wear the sock on the other foot to have the hole
> above the small toe where it will not be furthur enlarged, it
> will proboably fold over and partially cover the vulnerability.
> Permanent solution coming in either a sock darning or upgrading
> the unit to a new sock.
>
> Time Table: Found at 7:48am on Sept 8th, 1005
> Work around figured out at 7:49am on Sept 8th,
> 2005
> Permanent Solution Pending
>
> Credits: Found by Dave
>
> References: No references available.
>
>
> ***************************************************************
> Dave D. Cawley           |
> High Speed Internet      |    The number of Unix installations
> Duryea, PA               | has grown to 10, with more expected.
> (570)451-4311 x104       |  - The Unix Programmer's Manual,1972
> dave.cawley@...lphia.com |
> ***************************************************************
>                   URL => http://www.adelphia.net
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ