| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu Sep 8 21:06:19 2005 From: exibar at thelair.com (Exibar) Subject: Secuirty Hole Found In Dave's Sock the Soloman socks..... long may they live :-) Exibar ----- Original Message ----- From: "Mary Landesman" <mlande@...lsouth.net> To: <full-disclosure@...ts.grok.org.uk> Sent: Thursday, September 08, 2005 2:33 PM Subject: Re: [Full-disclosure] Secuirty Hole Found In Dave's Sock > This flaw is incredibly old. In the latter part of the 90s, Dr. Solomon's > antivirus team assisted afflicted users by distributing socks at various > worldwide conferences. Alas, the socks - and presumably the antivirus > software - were later acquired by McAfee, Inc. Since then, McAfee has not > only failed to continue supporting the socks that were released by Solomon, > it has not updated nor released any further socks. As such, the > vulnerability has been largely ignored - only to be 'rediscovered' by Dave > several years later. > > Another flaw with Dave's report: He indicates the vulnerable system is the > Right sock. Indeed, research consistently indicates the Left sock is equally > vulnerable. > > Regards, > -- Mary > > ----- Original Message ----- > From: "Dave Cawley" <dave.cawley@...lphia.com> > To: <full-disclosure@...ts.grok.org.uk> > Sent: Thursday, September 08, 2005 12:10 PM > Subject: [Full-disclosure] Secuirty Hole Found In Dave's Sock > > > Date: 9/8/2005 > > Vulnerability Found: Hole In Dave's Socket > > Affected System: Dave's Right Sock > > Severity: Rating: Moderately Critical > Impact: System access > Where: Foot > > Description of Vulnerability: This morning while putting my socks > on I found a small (1/4 inch) hole by my big toe. This could be > exploited by a virus through the bottom of the foot or under the > toe nail. This could be used to compromise Dave's entire system. > > Solution: No permanent solution is currently available. A work > around is to wear the sock on the other foot to have the hole > above the small toe where it will not be furthur enlarged, it > will proboably fold over and partially cover the vulnerability. > Permanent solution coming in either a sock darning or upgrading > the unit to a new sock. > > Time Table: Found at 7:48am on Sept 8th, 1005 > Work around figured out at 7:49am on Sept 8th, > 2005 > Permanent Solution Pending > > Credits: Found by Dave > > References: No references available. > > > *************************************************************** > Dave D. Cawley | > High Speed Internet | The number of Unix installations > Duryea, PA | has grown to 10, with more expected. > (570)451-4311 x104 | - The Unix Programmer's Manual,1972 > dave.cawley@...lphia.com | > *************************************************************** > URL => http://www.adelphia.net > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > >
Powered by blists - more mailing lists