Hello friends, I'm happy and sad in the same time. The NASA websites are patched but they didn't contacted me after i sent the access instructions to advisories, so, i have now the advisory open and a complete action-mail/advisory log for probe and provide the communication between NASA staff and me. __ ACCESS INFORMATION __ Advisory access:
http://advisories.nsrg-security.com/Nasa.gov-MV/ Mail & Action & Advisory Log : http://advisories.nsrg-security.com/Nasa.gov-MV/mail-log.txt ScreenShots: http://advisories.nsrg-security.com/Nasa.gov-MV/screenshots/ __ <<<EOF __ That's all , about one week of work and a very short and strange communication between NASA staff and me. NOTE: not all the things are patched but i think that the most important , it's very possible that the NASA staff will ignore some security holes.... Best regards to all people of Full-Disclosure , Nasa staff ( John ! ) ;-) , every body... ------------------------------- 0x00->Lorenzo Hernandez Garcia-Hierro 0x01->/* not csh but sh */ 0x02->$ PATH=pretending!/usr/ucb/which sense 0x03-> no sense in pretending! __________________________________ PGP: Keyfingerprint 4ACC D892 05F9 74F1 F453 7D62 6B4E B53E 9180 5F5B ID: 0x91805F5B ********************************** No Secure Root Group Security Research Team http://www.nsrg-security.com ______________________ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html