[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <e91363810712111228x724637ddjb19257fb243090f5@mail.gmail.com>
Date: Tue, 11 Dec 2007 12:28:29 -0800
From: "Porco Graxa" <porco.graxa@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Google / GMail bug, all accounts vulnerable
GPS 0-day Advisory: obvious Clown Town Faggotry
Kristian Hermafoditas, you have once agained summoned the beasts
security group Fatty Pig Seguranca with this lame Gmail not security
of issue. An obvious issue without real merit. Moreover, not
discovered by you. Ask the google for "Gmail logout CSRF" or "Google
logout csrf" and approximately 9 billion query results come
immediately.
http://www.0x000000.com/index.php?i=382
http://www.gnucitizen.org/blog/persistent-csrf-and-the-hotlink-hell/
Unfortunately, you fail basic unethical test and tell GPS to wait for
paper to introduce such a simple consultation. We will not wait for
stupid paper. Your paper is not worth the ink your greasy bearded
hands type the paper with. The Internet has to bring the truth, we are
guessing not friends.
Your "exploits" make GPS laugh and roll in much beef
(http://www.milw0rm.com/author/588)
"Ubuntu Breezy 5.10 Installer Password Disclosure Vulnerability"
http://www.milw0rm.com/exploits/1579
It is a front for "cat". How you write this and still cuddle with your sister?
"Ubuntu / Debian Apache 1.3.33/1.3.34 (CGI TTY) Local Root Exploit"
http://www.milw0rm.com/exploits/3384
Maybe this one is real I do not run silly fancy graphics OS to try it out.
"Gimp 2.2.14 RAS vuln"
http://www.milw0rm.com/exploits/3888
That DownExec shellcode look nice. It was useful when you grabbed it
from Metasploit? Perhaps you should give the president credit before
telling security world you create the good shellcode. (Through much
use of diff, GPS has discovered these security codes are Metasploit
Windows Reverse Run with no Encoder)
"MS Windows Vista forged package ARP Network Stack DoS Exploit"
http://www.milw0rm.com/exploits/3926
Symantec (who discovered the vulnerability), explains: "These are two
sub-demand access to the network, are not new and have limited
solutions available." I had to read much of your spooge ASCII art and
crap argument analyze code to discover that you were not doing
anything. Think band is free?
"MySQL <= 5.0.45 (Change) Vulnerability denial of service"
http://www.milw0rm.com/exploits/4615
You need ALTER permissions. It is most surprising that alter
permissions on database lead to much delay.
Kristian 'I have no special talent I am just bi-curious' Hermafoditas,
not write such de encontro a engraçado the time of the research Comunidade.
porco graxa
Gordos Pig Seguranca
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists