lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20050908192136.GA29200@bitchcake.off.net>
Date: Thu Sep  8 21:22:26 2005
From: mhoye at neon.polkaroo.net (Mike Hoye)
Subject: Socks Vulnerability Also Effects
	Underwear(Package Compromised)

On Thu, Sep 08, 2005 at 02:39:15PM -0400, y0himba wrote:
> Date:		9/8/2005
> Vulnerability Found:   	Hole In y0himba's Underwear
> Affected System:		Male Underwear(Possibly Female As Well)

I've done some preliminary analysis of this problem, and it appears
to be much worse than the earlier Sock vulnerabilities. This particular
ware ships with _three_ unpatched holes, and occasionally a fourth that
is only slightly secured.

Nevertheless, it was deeply irresponsible of y0himba to disclose this
information without first notifying the manufacturer, and allowing them
the time to investigate these holes and patch them.




-- 
"Those who ignore history are doomed to repeat it. Those who study
history are doomed to know it's repeating." - John Witlock

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ