Re: [Full-Disclosure] IMPORTANT SECURITY ADVISORY PLEASE READ!

Wed, 11 Sep 2002 13:12:52 -0700 

Perhaps its time for a second list.

Full-disclosure-humor :)

----- Original Message -----
From: "Percival, Ray" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Wednesday, September 11, 2002 3:51 PM
Subject: RE: [Full-Disclosure] IMPORTANT SECURITY ADVISORY PLEASE READ!


> There is also the one where a guy with a stick sneaks up behind you and
hits you on the head then does bad things to your system. Watch out for this
one. :)
>
> Ray
>
> -----Original Message-----
> From: segfault
> Sent: Wednesday, September 11, 2002 12:48 PM
> To: [EMAIL PROTECTED]
> Subject: [Full-Disclosure] IMPORTANT SECURITY ADVISORY PLEASE READ!
>
>
>
>  V4GU3-Disclosure
>  http://www.imprettysure.com
>
>  !Security Advisory!
>
>  Advisory Name: This could be bad.
>
>  Application: A widely used daemon.
>
>  Platform: A widely used platform.
>
>  Date:  9.11.02
>
>  Severity: We speculate attacker could potentially do very bad things
>    to you're machine if you do not immediately download the
>    security patch from a website we're not sure exists.
>
>  Overview: This service listens on a port and waits for a connection
>    from a client, then the service retrieves authentication
>    information from the client.  Once authenticated, the client
>    can use the service.
>
>  Description: Exploitation of a bug in this service could give an attacker
>    ROOT level access to an unpatched machine.  We're pretty sure
>    the bug is a buffer overflow somewhere, but we know for
>    certain it is exploitable, and is very dangerous.
>
>  Exploit: /* exploit.c by V4GU3-Disclosure staff.
>
>       This program must be run for the exploit to work.
>
>       Suggested arguments are:  +vxz 49
>
>       Make sure you are ROOT when you run this!
>
>    */
>
>    #include <stdio.h>
>    #include <somethingimportant.h>
>    #include <ifyoudontincludethisitwontwork.h>
>    #include <rootkit.h>
>
>    int main()
>    {
>     printf("FUCKING OWNED!")
>     return(0);
>    }
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Reply via email to