fuck you 2.
mindless consultant rely on charletan look dumb fuck gibson suck nothing but shit covered dick Paul Tinsley get gibson left over must taste good here is invoice i look smart hire again mom is proud >You people amaze me.... you are too busy proving that each othe >r suck to >just get the word out on exploits. You should note that I neve >r claimed >who discovered it, I honestly don't care. I know personally I >would >prefer if political agendas or conspiracy theories stay off the > list. >Point is, systems are insecure, get the word out. Pat on the b >ack for >whoever did discover it... > > So revised version of original message: >I haven't seen much if any coverage of a rather nasty exploit i >n Windows >XP that was discovered by what I believe was a human on earth. > If you >would like to keep your XP boxes from being venerable to this e >xploit >which happens to delete whatever a properly formed link request >s, delete >%windir%\PCHEALTH\HELPCTR\System\DFS\uplddrvinfo.htm > >Thank you to Thor for posting more accurate information in repl >y to my >message.... >Shane Hird discovered it. >You can see his post here: > >http://cert.uni-stuttgart.de/archive/bugtraq/2002/08/msg00224.h >tml > >And you can try a proof-of-concept here: > >http://jscript.dk/2002/8/sec/xphelpdelete.html > >And you can see all of the 20 publicly known unpatched vulnerab >ilities >in Internet Explorer here: > >http://www.pivx.com/larholm/unpatched/ > > >-----Original Message----- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] >Sent: Tuesday, September 10, 2002 2:36 PM >Subject: Re: [Full-Disclosure] XP security hole uplddrvinfo.htm > > > >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >Steve Gibson=FUD charlaten www.grcsucks.com > >>Sorry if this has already been posted but I was made aware of >a >> rather >>ugly security hole in Windows XP. >> > >FUD FUD FUD > >>This vulnerability allows the files contained in any specified > >>directory >>on your system to be deleted if you click on a specially forme >d >> URL. >>This URL could appear anywhere: sent in malicious eMail, in a >c >>hat room, >>in a newsgroup posting, on a malicious web page, or even execu >t >>ed when > >Geogie Guninski discovered this long time ago. Major vulnerabi >lity also >exist if user type format command wrong. > >Gibson no skills not discover this. > >>your computer merely visits a malicious web page. It is likely > >>to be >>widely exploited soon. > >Widely exploited soon? Gibson planning something? > >bullshit bullshit bullshit > > >>This vulnerability is so dangerous that it would be irresponsi >b >>le for me >>to say more. Microsoft has known of this problem for months an >d > >FUD FUD FUD bullshit bullshit bullshit. Gibson is marketing. >General >terms high level bullshit mean more consultant dollars. > >> has, >>inexplicably, done nothing before now. Although XP's Service P >a >>ck 1 is >>not small (approx 30 MB for express installation or 140 MB for > >>the >>network install), and even though a much quicker and easier so >l >>ution to >>this problem exists, the only thing I can safely recommend (wi >t >>hout >>revealing too much) is to urge all XP users to somehow obtain >a >>nd >>install Service Pack 1 immediately. (If you have a slow Intern >e >>t >>connection, perhaps a friend can download the executable Servi >c >>e Pack >>file and burn it onto a CD for you?) > >More fud fud fud bullshit bullshit bullshit. Problem fixed wit >h hotfix >not sp1. Gibson very dumb. > >>This problem does not affect any systems other than Windows XP >. >> If you >>have any friends or co-workers running Windows XP, please urge > >>them to >>update their systems' too. Once the details of this vulnerabil >i >>ty have >>leaked through other channels I will provide additional inform >a >>tion. > >Gibson planning leak? Tell friends that Gibson great security >guy and >pay to consult. bullshit bullshit bullshit FUD FUD FUD > >>there is an alternative. There's a file you can rename or dele >t >>e to fix >>the security hole. Here are the steps: >> >>Perform a search for a file on your C drive called "uplddrvinf >o >>.htm." >>Once you've found the file, delete it or rename it. Doing so w >i >>ll not >>hinder your ability to use Windows XP. > >bullshit bullshit bullshit. > >Does not fix problem. Gibson is dumb. > >-----BEGIN PGP SIGNATURE----- >Version: Hush 2.1 >Note: This signature can be verified at https://www.hushtools.c >om > >wlgEARECABgFAj1+RfMRHGdvYmJsZXNAaHVzaC5jb20ACgkQpmwDHEAx56siiwC >gkCxM >SwzADNeDmHjVlFWgxDpK9yoAn3sN5Hqhxdyn9xOAFsdmtRYDN3Vd >=Ok0V >-----END PGP SIGNATURE----- > > > > >Get your free encrypted email at https://www.hushmail.com > >You people amaze me.... you are too busy proving that each othe >r suck to >just get the word out on exploits. You should note that I neve >r claimed >who discovered it, I honestly don't care. I know personally I >would >prefer if political agendas or conspiracy theories stay off the > list. >Point is, systems are insecure, get the word out. Pat on the b >ack for >whoever did discover it... > > So revised version of original message: >I haven't seen much if any coverage of a rather nasty exploit i >n Windows >XP that was discovered by what I believe was a human on earth. > If you >would like to keep your XP boxes from being venerable to this e >xploit >which happens to delete whatever a properly formed link request >s, delete >%windir%\PCHEALTH\HELPCTR\System\DFS\uplddrvinfo.htm > >Thank you to Thor for posting more accurate information in repl >y to my >message.... >Shane Hird discovered it. >You can see his post here: > >http://cert.uni-stuttgart.de/archive/bugtraq/2002/08/msg00224.h >tml > >And you can try a proof-of-concept here: > >http://jscript.dk/2002/8/sec/xphelpdelete.html > >And you can see all of the 20 publicly known unpatched vulnerab >ilities >in Internet Explorer here: > >http://www.pivx.com/larholm/unpatched/ > > >-----Original Message----- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] >Sent: Tuesday, September 10, 2002 2:36 PM >Subject: Re: [Full-Disclosure] XP security hole uplddrvinfo.htm > > > >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >Steve Gibson=FUD charlaten www.grcsucks.com > >>Sorry if this has already been posted but I was made aware of >a >> rather >>ugly security hole in Windows XP. >> > >FUD FUD FUD > >>This vulnerability allows the files contained in any specified > >>directory >>on your system to be deleted if you click on a specially forme >d >> URL. >>This URL could appear anywhere: sent in malicious eMail, in a >c >>hat room, >>in a newsgroup posting, on a malicious web page, or even execu >t >>ed when > >Geogie Guninski discovered this long time ago. Major vulnerabi >lity also >exist if user type format command wrong. > >Gibson no skills not discover this. > >>your computer merely visits a malicious web page. It is likely > >>to be >>widely exploited soon. > >Widely exploited soon? Gibson planning something? > >bullshit bullshit bullshit > > >>This vulnerability is so dangerous that it would be irresponsi >b >>le for me >>to say more. Microsoft has known of this problem for months an >d > >FUD FUD FUD bullshit bullshit bullshit. Gibson is marketing. >General >terms high level bullshit mean more consultant dollars. > >> has, >>inexplicably, done nothing before now. Although XP's Service P >a >>ck 1 is >>not small (approx 30 MB for express installation or 140 MB for > >>the >>network install), and even though a much quicker and easier so >l >>ution to >>this problem exists, the only thing I can safely recommend (wi >t >>hout >>revealing too much) is to urge all XP users to somehow obtain >a >>nd >>install Service Pack 1 immediately. (If you have a slow Intern >e >>t >>connection, perhaps a friend can download the executable Servi >c >>e Pack >>file and burn it onto a CD for you?) > >More fud fud fud bullshit bullshit bullshit. Problem fixed wit >h hotfix >not sp1. Gibson very dumb. > >>This problem does not affect any systems other than Windows XP >. >> If you >>have any friends or co-workers running Windows XP, please urge > >>them to >>update their systems' too. Once the details of this vulnerabil >i >>ty have >>leaked through other channels I will provide additional inform >a >>tion. > >Gibson planning leak? Tell friends that Gibson great security >guy and >pay to consult. bullshit bullshit bullshit FUD FUD FUD > >>there is an alternative. There's a file you can rename or dele >t >>e to fix >>the security hole. Here are the steps: >> >>Perform a search for a file on your C drive called "uplddrvinf >o >>.htm." >>Once you've found the file, delete it or rename it. Doing so w >i >>ll not >>hinder your ability to use Windows XP. > >bullshit bullshit bullshit. > >Does not fix problem. Gibson is dumb. > >-----BEGIN PGP SIGNATURE----- >Version: Hush 2.1 >Note: This signature can be verified at https://www.hushtools.c >om > >wlgEARECABgFAj1+RfMRHGdvYmJsZXNAaHVzaC5jb20ACgkQpmwDHEAx56siiwC >gkCxM >SwzADNeDmHjVlFWgxDpK9yoAn3sN5Hqhxdyn9xOAFsdmtRYDN3Vd >=Ok0V >-----END PGP SIGNATURE----- > > > > >Get your free encrypted email at https://www.hushmail.com > Get your free encrypted email at https://www.hushmail.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
