Re: [Full-disclosure] Security Hole Found In Dave's Sock

2005-09-08 Thread John Smith
OMG! It seems the Crank-Bot.A and the Humrlss variant are now being deployed as a polymorphous worm, using the Sock vulnerability as an initial point of infection. The implications are simply enormous...we all knew a "superworm" was just waiting to be developed, but who would have guessed anybody would waste the time to write it!
*click click click*
Wait a minute...I didn't write that email...
" > From: John Smith"
oh no...it's too late! I've been compromised! Quickly, protect yourselves from me! I need immediate quarantine! Additionally, I feel it is both my legal and moral responsibility to completely disclose the nature of the compromise to those potentially affected. If you are a user of the host John Smith, please change your passwords, and begin checking your credit reports. This compromise may be extremely serious.
>Can we all shut up now? I know most of you are bored, please try to find something else to occupy yourselves with. I did not sign up to this list for childish banter (even though that is what I get most of the time, this is far exceeding the normal limit).

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

RE: [Full-disclosure] Security Hole Found In Dave's Sock

2005-09-08 Thread Grant Rietze
I concur,

It was fun until it got excessive.

> -Original Message-
> From: John Smith [mailto:[EMAIL PROTECTED]
> Sent: September 8, 2005 1:28 PM
> To: full-disclosure@lists.grok.org.uk
> Subject: Re: [Full-disclosure] Security Hole Found In Dave's Sock
> 
> Can we all shut up now? I know most of you are bored, please try to find
> something else to occupy yourselves with. I did not sign up to this list
> for childish banter (even though that is what I get most of the time,
> this is far exceeding the normal limit).
> 
> 
> 
> Raj Mathur wrote:
> >>>>>>"Ted" == Ted Frederick <[EMAIL PROTECTED]> writes:
> >
> >
> > Ted> Dear list, I know that this list is not meant for personal
> > Ted> promotion but I think I would be remiss if I did not mention
> > Ted> that my company has recently released an upgrade to our
> > Ted> initial offering of Shoe 1.0.  The upgrade to Shoe 2.0
> > Ted> includes a firewall/anti-virus product previously known as
> > Ted> Sock 3.4563.v54.
> >
> > Ted> The upgrade cost is $19.99. There is also a required software
> > Ted> assurance subscription of $325.79 monthly.
> >
> > Ted> If all goes well with the new product I suspect that we will
> > Ted> be purchased by a major software vendor before year end thus
> > Ted> making updates available on the first Tuesday of every month
> > Ted> to protect against further holes.  These updates will have
> > Ted> vague names with no indication of what they actually fix
> > Ted> which should relieve you of sparing any thought to what risks
> > Ted> you may have been exposed to prior to the patch.
> >
> > Ted> Yes, we have in fact thought of everything so you don't have
> > Ted> to.
> >
> > I'm afraid you have fallen into the common trap of suggesting a
> > hardwear solution for what is essentially a softwear problem.  I'd
> > have been much happier to see the softwear vendors acknowledge this
> > vulnerability (it's endemic, not specific to one vendor) and offer
> > upgrades to their softwear on a regular basis.
> >
> > I'm making a compilation of socks v5.0 softwear available in the
> > market and subjecting them to stress testing; the testing includes
> > running 2KM after subjecting the softwear to dipping in Sewer 0.2,
> > having /bin/cat /bin/sleep on them for 2 days, and a cron job to
> > periodically transfer them to and from a Windows system.  The results
> > of this testing will be available for a nominal fee(*).
> >
> > I also suspect that by the end of the testing the softwear will have
> > metamorphosed into those elusive WMDs that have been, uh, eluding us
> > for so long.
> >
> > (*) Standard nominal fee is half your kingdom and your daughter's hand
> > in marriage).
> >
> > Regards,
> >
> > -- Raju


RE: [Full-disclosure] Security Hole Found In Dave's Sock

2005-09-08 Thread Ted Frederick
alert toe $EXTERNAL_NET any -> $SNEAKER_NET any (msg:"EXPLOIT:
Unauthorized Sock Overflow"; flow:to_Toe,established;
content:"/sock/toe"; reference:FullDisclosure,2347;
reference:cve,2001-0144; reference:cve,2001-0572;
 classtype:FootAccess-detect; sid:1324; rev:6;)

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Swain,
Kenneth
Sent: Thursday, September 08, 2005 1:19 PM
To: John Kinsella; full-disclosure@lists.grok.org.uk
Subject: RE: [Full-disclosure] Secuirty Hole Found In Dave's Sock

I have not seen any signatures for snort yet, but I heard that the
bleeding snort team is working on it.

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of John
Kinsella
Sent: Thursday, September 08, 2005 12:13 PM
To: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Secuirty Hole Found In Dave's Sock

Is anybody else seeing these attacks?  Is this the China hackers again?
I think I saw a hole last week, but my logs aren't that great so I'm
going to have to go back and double-check.

Could this be related to socks disappearing?  Anybody have signatures
for snort?

John

On Thu, Sep 08, 2005 at 01:02:09PM -0400, Dave Cawley wrote:
>   With the work around, putting it on the left foot, the
> hole will be ABOVE the small toe and should not enlarge. This
> hasn't been verified yet, but the computer models point to this.
> 
> ***
> Dave D. Cawley   |
> High Speed Internet  |The number of Unix installations
> Duryea, PA   | has grown to 10, with more expected.
> (570)451-4311 x104   |  - The Unix Programmer's Manual,1972
> [EMAIL PROTECTED] |
> ***
>   URL => http://www.adelphia.net 
> 
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Daniel
> Sent: Thursday, September 08, 2005 2:53 PM
> To: full-disclosure@lists.grok.org.uk
> Subject: Re: [Full-disclosure] Secuirty Hole Found In Dave's Sock
> 
> 
> Hi all,
> 
> I see that the hole is getting greater if you use the socket without any
> patches!
> 
> Can anyone verify this?
> 
> kind regards
> Daniel


Re: [Full-disclosure] Security Hole Found In Dave's Sock

2005-09-08 Thread John Smith
Can we all shut up now? I know most of you are bored, please try to find 
something else to occupy yourselves with. I did not sign up to this list 
for childish banter (even though that is what I get most of the time, 
this is far exceeding the normal limit).




Raj Mathur wrote:

"Ted" == Ted Frederick <[EMAIL PROTECTED]> writes:



Ted> Dear list, I know that this list is not meant for personal
Ted> promotion but I think I would be remiss if I did not mention
Ted> that my company has recently released an upgrade to our
Ted> initial offering of Shoe 1.0.  The upgrade to Shoe 2.0
Ted> includes a firewall/anti-virus product previously known as
Ted> Sock 3.4563.v54.

Ted> The upgrade cost is $19.99. There is also a required software
Ted> assurance subscription of $325.79 monthly.

Ted> If all goes well with the new product I suspect that we will
Ted> be purchased by a major software vendor before year end thus
Ted> making updates available on the first Tuesday of every month
Ted> to protect against further holes.  These updates will have
Ted> vague names with no indication of what they actually fix
Ted> which should relieve you of sparing any thought to what risks
Ted> you may have been exposed to prior to the patch.

Ted> Yes, we have in fact thought of everything so you don't have
Ted> to.

I'm afraid you have fallen into the common trap of suggesting a
hardwear solution for what is essentially a softwear problem.  I'd
have been much happier to see the softwear vendors acknowledge this
vulnerability (it's endemic, not specific to one vendor) and offer
upgrades to their softwear on a regular basis.

I'm making a compilation of socks v5.0 softwear available in the
market and subjecting them to stress testing; the testing includes
running 2KM after subjecting the softwear to dipping in Sewer 0.2,
having /bin/cat /bin/sleep on them for 2 days, and a cron job to
periodically transfer them to and from a Windows system.  The results
of this testing will be available for a nominal fee(*).

I also suspect that by the end of the testing the softwear will have
metamorphosed into those elusive WMDs that have been, uh, eluding us
for so long.

(*) Standard nominal fee is half your kingdom and your daughter's hand
in marriage).

Regards,

-- Raju



RE: [Full-disclosure] Security Hole Found In Dave's Sock

2005-09-08 Thread Raj Mathur
> "Ted" == Ted Frederick <[EMAIL PROTECTED]> writes:

Ted> Dear list, I know that this list is not meant for personal
Ted> promotion but I think I would be remiss if I did not mention
Ted> that my company has recently released an upgrade to our
Ted> initial offering of Shoe 1.0.  The upgrade to Shoe 2.0
Ted> includes a firewall/anti-virus product previously known as
Ted> Sock 3.4563.v54.

Ted> The upgrade cost is $19.99. There is also a required software
Ted> assurance subscription of $325.79 monthly.

Ted> If all goes well with the new product I suspect that we will
Ted> be purchased by a major software vendor before year end thus
Ted> making updates available on the first Tuesday of every month
Ted> to protect against further holes.  These updates will have
Ted> vague names with no indication of what they actually fix
Ted> which should relieve you of sparing any thought to what risks
Ted> you may have been exposed to prior to the patch.

Ted> Yes, we have in fact thought of everything so you don't have
Ted> to.

I'm afraid you have fallen into the common trap of suggesting a
hardwear solution for what is essentially a softwear problem.  I'd
have been much happier to see the softwear vendors acknowledge this
vulnerability (it's endemic, not specific to one vendor) and offer
upgrades to their softwear on a regular basis.

I'm making a compilation of socks v5.0 softwear available in the
market and subjecting them to stress testing; the testing includes
running 2KM after subjecting the softwear to dipping in Sewer 0.2,
having /bin/cat /bin/sleep on them for 2 days, and a cron job to
periodically transfer them to and from a Windows system.  The results
of this testing will be available for a nominal fee(*).

I also suspect that by the end of the testing the softwear will have
metamorphosed into those elusive WMDs that have been, uh, eluding us
for so long.

(*) Standard nominal fee is half your kingdom and your daughter's hand
in marriage).

Regards,

-- Raju
-- 
Raj Mathur[EMAIL PROTECTED]  http://kandalaya.org/
   GPG: 78D4 FC67 367F 40E2 0DD5  0FEF C968 D0EF CC68 D17F
  It is the mind that moves


Re: [Full-disclosure] Security Hole Found In Dave's Sock

2005-09-08 Thread Andre Ludwig
Please note that the following attack vector may be present in any and
all "shoe" like devices and systems.

http://www.0x90.org/releases/laces0dayAdv.txt

 Shoe 1.0 - Remote Lace Overflow
 

 This Vulnerability is in reference to the new class of remote vulnerabilities 
 indicated in: 
 http://www.securityfocus.com/archive/1/385078/2004-12-19/2004-12-25/2
 [Please read that first] 

 Discovery Credited To:
 --
freshman - 0x90.org
wxs  - 0x90.org
txs  - 0x90.org

 Greets:
 ---
  Jonathan T. Rockway for being the smartest man alive.

 Description:
 
 A remote shoe vulnerability exists that could allow for remote tripping and 
 possible exposure of sensitive data to the pavement.

 Scope:
 --
 REMOTE

 Severity:
 -
 Hyper-Critical. This needs no explanation.

 Vulnerability:
 --
 Failure to properly tie your shoe could result in tripping and a possible 
 broken face upon sudden deceleration when hitting the pavement.

 Vulnerable Sizes: 
 -
 6 through 13. Other sizes may be vulnerable, but were unavailable for testing.

 Exploitation:
 -
 You have a 100% secure walking system - you do not fall down, or trip over 
 your own laces.  A remote attacker could determine your shoe size by reading 
  your livejournal FROM THE NETWORK and could MAIL YOU a shoe with extra long 
 laces.  You put the shoe on without tying it properly and suddenly are exposed
 to a REMOTE shoe vulnerability!

 Fix:
 
 Do not wear untrusted shoes sent to you. Other possible workarounds include 
 sandals (aka. flip-flops). These are a good work-around and are widely 
 available for those concerned about their security. 

 Vendor Notification:
 
 Vendors were not notified at the time of this writing.  We have chosen not to
 give advance notice because the fault is not always with the vendor of the 
 shoe as a REMOTE PERSON could SNAIL MAIL a LOCAL USER a  vulnerable shoe.

 We at 0x90.org believe that the users should be happy they were notified about 
 this.  Imagine the mass destruction and chaos that would ensue if we unleashed 
 a REMOTE SHOE VULNERABILITY WORM into the wild.  At this time we have chosen
 not to do that, mostly because we can not afford all the stamps to mail 
 vulnerable shoes to the public.

props to the 0x90 guys for identifying, analyzing and releasing this
critical information, if it wasn't for ground breakers such as this
the interwebz may end up being destroyed by such careless systems
engineering.

Dre

On 9/8/05, y0himba <[EMAIL PROTECTED]> wrote:
> Is "Shoe 20" a hardened foot protection?
> 
> -Original Message-
> From: Ted Frederick [mailto:[EMAIL PROTECTED]
> Sent: Thursday, September 08, 2005 12:55 PM
> To: y0himba; full-disclosure@lists.grok.org.uk; Dan Mack; Tim Doyle
> Subject: RE: [Full-disclosure] Security Hole Found In Dave's Sock
> 
> Dear list,
> 
> I know that this list is not meant for personal promotion but I think I
> would be remiss if I did not mention that my company has recently released
> an upgrade to our initial offering of Shoe 1.0.  The upgrade to Shoe 2.0
> includes a firewall/anti-virus product previously known as Sock 3.4563.v54.
> 
> The upgrade cost is $19.99. There is also a required software assurance
> subscription of $325.79 monthly.
> 
> If all goes well with the new product I suspect that we will be purchased by
> a major software vendor before year end thus making updates available on the
> first Tuesday of every month to protect against further holes.  These
> updates will have vague names with no indication of what they actually fix
> which should relieve you of sparing any thought to what risks you may have
> been exposed to prior to the patch.
> 
> Yes, we have in fact thought of everything so you don't have to.
> 
> Ted
> 
> 
> 
> 
> 
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of y0himba
> Sent: Thursday, September 08, 2005 12:44 PM
> To: full-disclosure@lists.grok.org.uk
> Subject: RE: [Full-disclosure] Secuirty Hole Found In Dave's Sock
> 
> What version socks are these?  What type?  4?  4a?  5?
> 
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Dave Cawley
> Sent: Thursday, September 08, 2005 12:29 PM
> To: Craig, Tobin (OIG); full-disclosure@lists.grok.org.uk
> Subject: RE: [Full-disclosure] Secuirty Hole Found In Dave's Sock
> 
> It's hard to get the socks from different pairs to sync up.
> This can cause confusion for people viewing the socks and in turn cause a
> high volume of inquiries to the system administrator.
> But I'll give i

RE: [Full-disclosure] Security Hole Found In Dave's Sock

2005-09-08 Thread y0himba
Will "Shoe 2.0" protection from those ugly little trolls?  The ones that
like to nip? 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of miah
Sent: Thursday, September 08, 2005 1:01 PM
To: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Security Hole Found In Dave's Sock

Ok you've all had your fun now can you all shut the hell up?

Thanks
-miah

On Thu, Sep 08, 2005 at 12:58:31PM -0400, y0himba wrote:
> Is "Shoe 20" a hardened foot protection?
> 
> -Original Message-
> From: Ted Frederick [mailto:[EMAIL PROTECTED]
> Sent: Thursday, September 08, 2005 12:55 PM
> To: y0himba; full-disclosure@lists.grok.org.uk; Dan Mack; Tim Doyle
> Subject: RE: [Full-disclosure] Security Hole Found In Dave's Sock
> 
> Dear list,
> 
> I know that this list is not meant for personal promotion but I think 
> I would be remiss if I did not mention that my company has recently 
> released an upgrade to our initial offering of Shoe 1.0.  The upgrade 
> to Shoe 2.0 includes a firewall/anti-virus product previously known as
> Sock 3.4563.v54.
> 
> The upgrade cost is $19.99. There is also a required software 
> assurance subscription of $325.79 monthly.
> 
> If all goes well with the new product I suspect that we will be 
> purchased by a major software vendor before year end thus making 
> updates available on the first Tuesday of every month to protect 
> against further holes.  These updates will have vague names with no 
> indication of what they actually fix which should relieve you of 
> sparing any thought to what risks you may have been exposed to prior to
> the patch.
> 
> Yes, we have in fact thought of everything so you don't have to.
> 
> Ted


RE: [Full-disclosure] Security Hole Found In Dave's Sock

2005-09-08 Thread Craig, Tobin (OIG)
That's a good point Dave.  Have you tried rebooting?

___
Tobin Craig, MRSC, CISSP, SCERS, EnCE, CCE
IT Forensic Director, Computer Crimes and Forensics
Department of Veterans Affairs
Office of Inspector General
801 I Street NW
Washington DC 20001
 
Tel: 202 565 7702
Fax: 202 565 7630
___

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ted
Frederick
Sent: Thursday, September 08, 2005 12:55 PM
To: y0himba; full-disclosure@lists.grok.org.uk; Dan Mack; Tim Doyle
Subject: RE: [Full-disclosure] Security Hole Found In Dave's Sock

Dear list,

I know that this list is not meant for personal promotion but I think I
would be remiss if I did not mention that my company has recently
released an upgrade to our initial offering of Shoe 1.0.  The upgrade to
Shoe 2.0 includes a firewall/anti-virus product previously known as Sock
3.4563.v54.

The upgrade cost is $19.99. There is also a required software assurance
subscription of $325.79 monthly. 

If all goes well with the new product I suspect that we will be
purchased by a major software vendor before year end thus making updates
available on the first Tuesday of every month to protect against further
holes.  These updates will have vague names with no indication of what
they actually fix which should relieve you of sparing any thought to
what risks you may have been exposed to prior to the patch.

Yes, we have in fact thought of everything so you don't have to.

Ted 





-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of y0himba
Sent: Thursday, September 08, 2005 12:44 PM
To: full-disclosure@lists.grok.org.uk
Subject: RE: [Full-disclosure] Secuirty Hole Found In Dave's Sock

What version socks are these?  What type?  4?  4a?  5? 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Dave
Cawley
Sent: Thursday, September 08, 2005 12:29 PM
To: Craig, Tobin (OIG); full-disclosure@lists.grok.org.uk
Subject: RE: [Full-disclosure] Secuirty Hole Found In Dave's Sock

It's hard to get the socks from different pairs to sync up.
This can cause confusion for people viewing the socks and in turn cause a
high volume of inquiries to the system administrator.
But I'll give it the old college try. Thanks for the input!

***
Dave D. Cawley   |
High Speed Internet  |The number of Unix installations
Duryea, PA   | has grown to 10, with more expected.
(570)451-4311 x104   |  - The Unix Programmer's Manual,1972
[EMAIL PROTECTED] |
***
  URL => http://www.adelphia.net


RE: [Full-disclosure] Security Hole Found In Dave's Sock

2005-09-08 Thread Ted Frederick
Not out of the box. However there are several third party add-ons to
provide some extra protection.

I will pass your suggestion on to our developers so that we can keep in
mind a hardened foot protection in future releases.

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of y0himba
Sent: Thursday, September 08, 2005 12:59 PM
To: full-disclosure@lists.grok.org.uk
Subject: RE: [Full-disclosure] Security Hole Found In Dave's Sock

Is "Shoe 20" a hardened foot protection?

-Original Message-
From: Ted Frederick [mailto:[EMAIL PROTECTED] 
Sent: Thursday, September 08, 2005 12:55 PM
To: y0himba; full-disclosure@lists.grok.org.uk; Dan Mack; Tim Doyle
Subject: RE: [Full-disclosure] Security Hole Found In Dave's Sock

Dear list,

I know that this list is not meant for personal promotion but I think I
would be remiss if I did not mention that my company has recently released
an upgrade to our initial offering of Shoe 1.0.  The upgrade to Shoe 2.0
includes a firewall/anti-virus product previously known as Sock 3.4563.v54.

The upgrade cost is $19.99. There is also a required software assurance
subscription of $325.79 monthly.

If all goes well with the new product I suspect that we will be purchased by
a major software vendor before year end thus making updates available on the
first Tuesday of every month to protect against further holes.  These
updates will have vague names with no indication of what they actually fix
which should relieve you of sparing any thought to what risks you may have
been exposed to prior to the patch.

Yes, we have in fact thought of everything so you don't have to.

Ted 





-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of y0himba
Sent: Thursday, September 08, 2005 12:44 PM
To: full-disclosure@lists.grok.org.uk
Subject: RE: [Full-disclosure] Secuirty Hole Found In Dave's Sock

What version socks are these?  What type?  4?  4a?  5? 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Dave
Cawley
Sent: Thursday, September 08, 2005 12:29 PM
To: Craig, Tobin (OIG); full-disclosure@lists.grok.org.uk
Subject: RE: [Full-disclosure] Secuirty Hole Found In Dave's Sock

It's hard to get the socks from different pairs to sync up.
This can cause confusion for people viewing the socks and in turn cause a
high volume of inquiries to the system administrator.
But I'll give it the old college try. Thanks for the input!

***
Dave D. Cawley   |
High Speed Internet  |The number of Unix installations
Duryea, PA   | has grown to 10, with more expected.
(570)451-4311 x104   |  - The Unix Programmer's Manual,1972
[EMAIL PROTECTED] |
***
  URL => http://www.adelphia.net


Re: [Full-disclosure] Security Hole Found In Dave's Sock

2005-09-08 Thread miah
Ok you've all had your fun now can you all shut the hell up?

Thanks
-miah

On Thu, Sep 08, 2005 at 12:58:31PM -0400, y0himba wrote:
> Is "Shoe 20" a hardened foot protection?
> 
> -Original Message-
> From: Ted Frederick [mailto:[EMAIL PROTECTED] 
> Sent: Thursday, September 08, 2005 12:55 PM
> To: y0himba; full-disclosure@lists.grok.org.uk; Dan Mack; Tim Doyle
> Subject: RE: [Full-disclosure] Security Hole Found In Dave's Sock
> 
> Dear list,
> 
> I know that this list is not meant for personal promotion but I think I
> would be remiss if I did not mention that my company has recently released
> an upgrade to our initial offering of Shoe 1.0.  The upgrade to Shoe 2.0
> includes a firewall/anti-virus product previously known as Sock 3.4563.v54.
> 
> The upgrade cost is $19.99. There is also a required software assurance
> subscription of $325.79 monthly. 
> 
> If all goes well with the new product I suspect that we will be purchased by
> a major software vendor before year end thus making updates available on the
> first Tuesday of every month to protect against further holes.  These
> updates will have vague names with no indication of what they actually fix
> which should relieve you of sparing any thought to what risks you may have
> been exposed to prior to the patch.
> 
> Yes, we have in fact thought of everything so you don't have to.
> 
> Ted 


RE: [Full-disclosure] Security Hole Found In Dave's Sock

2005-09-08 Thread y0himba
Is "Shoe 20" a hardened foot protection?

-Original Message-
From: Ted Frederick [mailto:[EMAIL PROTECTED] 
Sent: Thursday, September 08, 2005 12:55 PM
To: y0himba; full-disclosure@lists.grok.org.uk; Dan Mack; Tim Doyle
Subject: RE: [Full-disclosure] Security Hole Found In Dave's Sock

Dear list,

I know that this list is not meant for personal promotion but I think I
would be remiss if I did not mention that my company has recently released
an upgrade to our initial offering of Shoe 1.0.  The upgrade to Shoe 2.0
includes a firewall/anti-virus product previously known as Sock 3.4563.v54.

The upgrade cost is $19.99. There is also a required software assurance
subscription of $325.79 monthly. 

If all goes well with the new product I suspect that we will be purchased by
a major software vendor before year end thus making updates available on the
first Tuesday of every month to protect against further holes.  These
updates will have vague names with no indication of what they actually fix
which should relieve you of sparing any thought to what risks you may have
been exposed to prior to the patch.

Yes, we have in fact thought of everything so you don't have to.

Ted 





-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of y0himba
Sent: Thursday, September 08, 2005 12:44 PM
To: full-disclosure@lists.grok.org.uk
Subject: RE: [Full-disclosure] Secuirty Hole Found In Dave's Sock

What version socks are these?  What type?  4?  4a?  5? 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Dave Cawley
Sent: Thursday, September 08, 2005 12:29 PM
To: Craig, Tobin (OIG); full-disclosure@lists.grok.org.uk
Subject: RE: [Full-disclosure] Secuirty Hole Found In Dave's Sock

It's hard to get the socks from different pairs to sync up.
This can cause confusion for people viewing the socks and in turn cause a
high volume of inquiries to the system administrator.
But I'll give it the old college try. Thanks for the input!

***
Dave D. Cawley   |
High Speed Internet  |The number of Unix installations
Duryea, PA   | has grown to 10, with more expected.
(570)451-4311 x104   |  - The Unix Programmer's Manual,1972
[EMAIL PROTECTED] |
***
  URL => http://www.adelphia.net


RE: [Full-disclosure] Security Hole Found In Dave's Sock

2005-09-08 Thread Ted Frederick
Dear list,

I know that this list is not meant for personal promotion but I think I
would be remiss if I did not mention that my company has recently
released an upgrade to our initial offering of Shoe 1.0.  The upgrade to
Shoe 2.0 includes a firewall/anti-virus product previously known as Sock
3.4563.v54.

The upgrade cost is $19.99. There is also a required software assurance
subscription of $325.79 monthly. 

If all goes well with the new product I suspect that we will be
purchased by a major software vendor before year end thus making updates
available on the first Tuesday of every month to protect against further
holes.  These updates will have vague names with no indication of what
they actually fix which should relieve you of sparing any thought to
what risks you may have been exposed to prior to the patch.

Yes, we have in fact thought of everything so you don't have to.

Ted 





-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of y0himba
Sent: Thursday, September 08, 2005 12:44 PM
To: full-disclosure@lists.grok.org.uk
Subject: RE: [Full-disclosure] Secuirty Hole Found In Dave's Sock

What version socks are these?  What type?  4?  4a?  5? 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Dave
Cawley
Sent: Thursday, September 08, 2005 12:29 PM
To: Craig, Tobin (OIG); full-disclosure@lists.grok.org.uk
Subject: RE: [Full-disclosure] Secuirty Hole Found In Dave's Sock

It's hard to get the socks from different pairs to sync up.
This can cause confusion for people viewing the socks and in turn cause a
high volume of inquiries to the system administrator.
But I'll give it the old college try. Thanks for the input!

***
Dave D. Cawley   |
High Speed Internet  |The number of Unix installations
Duryea, PA   | has grown to 10, with more expected.
(570)451-4311 x104   |  - The Unix Programmer's Manual,1972
[EMAIL PROTECTED] |
***
  URL => http://www.adelphia.net


RE: [Full-disclosure] Security Hole Found In Dave's Sock

2005-09-08 Thread MacDougall, Shane
This vuln was already released on 7/21/05 by Thor. Please don't take credit for 
other people's findings.


 -Original Message-
From: Dave Cawley [mailto:[EMAIL PROTECTED]
Sent: Thu Sep 08 09:11:22 2005
To: full-disclosure@lists.grok.org.uk
Subject: [Full-disclosure] Secuirty Hole Found In Dave's Sock

Date: 9/8/2005

Vulnerability Found: Hole In Dave's Socket

Affected System: Dave's Right Sock

Severity: Rating: Moderately Critical
Impact: System access
Where: Foot

Description of Vulnerability: This morning while putting my socks
on I found a small (1/4 inch) hole by my big toe. This could be
exploited by a virus through the bottom of the foot or under the
toe nail. This could be used to compromise Dave's entire system.

Solution: No permanent solution is currently available. A work
around is to wear the sock on the other foot to have the hole
above the small toe where it will not be further enlarged, it
will probably fold over and partially cover the vulnerability.
Permanent solution coming in either a sock darning or upgrading
the unit to a new sock.

Time Table: Found at 7:48am on Sept 8th, 1005
Work around figured out at 7:49am on Sept 8th, 2005
Permanent Solution Pending

Credits: Found by Dave

References: No references available.


***
Dave D. Cawley   |
High Speed Internet  |The number of Unix installations
Duryea, PA   | has grown to 10, with more expected.
(570)451-4311 x104   |  - The Unix Programmer's Manual,1972
[EMAIL PROTECTED] |
***
  URL => http://www.adelphia.net 