Re: [Full-disclosure] *BSD banner INT overflow vulnerability
Tyop? wrote: > Thinking that respect of standard is pathetic (netiquette here), > will result in all communications, over internet or not, > --> "noise". And the history of F-D shows that F-D is expecially prone to this, this daylasoul moron being just the latest of a string of noise-only contributors. Responsible list members in _any_ unmoderated list don't make the kind of content-free, response-generating posts our latest moron makes. If she posts her inane pointless messages the amount of noise necessarily goes up. If she doesn't make such posts she is therefore responsible for NOT making matters worse. Her posting history shows that ALL she does is increase the noise level, so what should we decide about her? The occasional noise post from an otherwise usually on-topic poster is tolerable, but noise-only posting from morons like daylasoul is not. She should just shut the fuck up until she actually has something to say that is relevant to the list readership... Regards, Nick FitzGerald ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] *BSD banner INT overflow vulnerability
On 11/26/06, Nick FitzGerald <[EMAIL PROTECTED]> wrote: > [EMAIL PROTECTED] wrote: > > -BEGIN PGP SIGNED MESSAGE- > > Hash: SHA1 > > Please maintain a reasonable standard of netiquette when posting. > > Thanks. > Who died and made you list-nanny? > > Oh, that's right no-fucking-one. > > Your pathetic posts contribute nothing but noise to the list -- piss > off... Thinking that respect of standard is pathetic (netiquette here), will result in all communications, over internet or not, --> "noise". -- Tyop? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] *BSD banner INT overflow vulnerability
[EMAIL PROTECTED] wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On Sun, 26 Nov 2006 01:21:50 -0600 "J.A. Terranson" <[EMAIL PROTECTED]> > wrote: > >On Wed, 22 Nov 2006, Sean Comeau wrote: > > > >> On Wed, Nov 22, 2006 at 12:25:46PM +0300, dead code crew wrote: > >> > > >> > %uname -sir > >> > FreeBSD 6.1-RELEASE GENERIC > >> > %gdb banner > >> > (gdb) r -w 1700 > >> > Program received signal SIGSEGV, Segmentation fault. > >> > 0x01010101 in ?? () > >> > > >> > >> This doesn't crash banner on OpenBSD, > > > >FreeBSD 4.10R doesn't give a shit either. > > > >> and even if it did who cares? What would anyone accomplish by > >making > >> this setuid root? > > > > -bash-2.05b$ ls -al /usr/bin/banner > > -r-xr-xr-x 1 root wheel 16136 May 25 2004 /usr/bin/banner > > > >Good question. > > > >-- > >Yours, > > > >J.A. Terranson > >[EMAIL PROTECTED] > >0xBD4A95BF > > > >"Surely the larger lesson learned from that day is that other men, > >all > >over the world, took inspiration not from the heroism of the > >rescuers in > >New York or the passengers flying over Pennsylvania, but from the > >19 > >hijackers - the twisted brilliance of their scheme and their > >willingness > >to sacrifice their lives to make a political and, as they saw it, > >religious statement." > > > >Richard Corliss/Time Magazine > >11 Aug 2006 > > > >___ > >Full-Disclosure - We believe in it. > >Charter: http://lists.grok.org.uk/full-disclosure-charter.html > >Hosted and sponsored by Secunia - http://secunia.com/ > Please maintain a reasonable standard of netiquette when posting. > Thanks. Who died and made you list-nanny? Oh, that's right no-fucking-one. Your pathetic posts contribute nothing but noise to the list -- piss off... Regards, Nick FitzGerald ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] *BSD banner INT overflow vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sun, 26 Nov 2006 01:21:50 -0600 "J.A. Terranson" <[EMAIL PROTECTED]> wrote: >On Wed, 22 Nov 2006, Sean Comeau wrote: > >> On Wed, Nov 22, 2006 at 12:25:46PM +0300, dead code crew wrote: >> > >> > %uname -sir >> > FreeBSD 6.1-RELEASE GENERIC >> > %gdb banner >> > (gdb) r -w 1700 >> > Program received signal SIGSEGV, Segmentation fault. >> > 0x01010101 in ?? () >> > >> >> This doesn't crash banner on OpenBSD, > >FreeBSD 4.10R doesn't give a shit either. > >> and even if it did who cares? What would anyone accomplish by >making >> this setuid root? > > -bash-2.05b$ ls -al /usr/bin/banner > -r-xr-xr-x 1 root wheel 16136 May 25 2004 /usr/bin/banner > >Good question. > >-- >Yours, > >J.A. Terranson >[EMAIL PROTECTED] >0xBD4A95BF > >"Surely the larger lesson learned from that day is that other men, >all >over the world, took inspiration not from the heroism of the >rescuers in >New York or the passengers flying over Pennsylvania, but from the >19 >hijackers - the twisted brilliance of their scheme and their >willingness >to sacrifice their lives to make a political and, as they saw it, >religious statement." > >Richard Corliss/Time Magazine >11 Aug 2006 > >___ >Full-Disclosure - We believe in it. >Charter: http://lists.grok.org.uk/full-disclosure-charter.html >Hosted and sponsored by Secunia - http://secunia.com/ Please maintain a reasonable standard of netiquette when posting. Thanks. -BEGIN PGP SIGNATURE- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.5 wpwEAQECAAYFAkVpd7YACgkQ3AEcWsxdEQ496QP/VshMF0rw60R4PnGpNosJN7A+boQn TC1i7J+RaainFCV0vrqxWpRzrhol4raV14KWAxTvq/jwZAcMz18f4j2Y2LmOoFGCrRUR +06y6YkIVGGyoYgu0zzmvyS9hkKXqRv675/fZg45FqW9gGWqJaxJ8vvKaYt87DrP0EJ+ 1G51vxw= =SqM0 -END PGP SIGNATURE- Concerned about your privacy? Instantly send FREE secure email, no account required http://www.hushmail.com/send?l=480 Get the best prices on SSL certificates from Hushmail https://www.hushssl.com?l=485 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] *BSD banner INT overflow vulnerability
On Wed, 22 Nov 2006, Sean Comeau wrote: > On Wed, Nov 22, 2006 at 12:25:46PM +0300, dead code crew wrote: > > > > %uname -sir > > FreeBSD 6.1-RELEASE GENERIC > > %gdb banner > > (gdb) r -w 1700 > > Program received signal SIGSEGV, Segmentation fault. > > 0x01010101 in ?? () > > > > This doesn't crash banner on OpenBSD, FreeBSD 4.10R doesn't give a shit either. > and even if it did who cares? What would anyone accomplish by making > this setuid root? -bash-2.05b$ ls -al /usr/bin/banner -r-xr-xr-x 1 root wheel 16136 May 25 2004 /usr/bin/banner Good question. -- Yours, J.A. Terranson [EMAIL PROTECTED] 0xBD4A95BF "Surely the larger lesson learned from that day is that other men, all over the world, took inspiration not from the heroism of the rescuers in New York or the passengers flying over Pennsylvania, but from the 19 hijackers - the twisted brilliance of their scheme and their willingness to sacrifice their lives to make a political and, as they saw it, religious statement." Richard Corliss/Time Magazine 11 Aug 2006 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] *BSD banner INT overflow vulnerability
Tyop? a écrit : > $ ls -l /usr/bin/banner > -r-xr-xr-x 1 root wheel 9576 Jul 5 2005 /usr/bin/banner > $ > > pfiuuu.. > I'm safe. Thx a lot. > > F34r da banner H4x0r. > > Rofl : you summarized it all : there's a bug, not a security issue thoo. Cheers, endrazine- PS : I suggest posting such bugs with '[XSS]' in the subject, to ease filtering ;) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] *BSD banner INT overflow vulnerability
On Wed, Nov 22, 2006 at 12:25:46PM +0300, dead code crew wrote: > > %uname -sir > FreeBSD 6.1-RELEASE GENERIC > %gdb banner > (gdb) r -w 1700 > Program received signal SIGSEGV, Segmentation fault. > 0x01010101 in ?? () > This doesn't crash banner on OpenBSD, and even if it did who cares? What would anyone accomplish by making this setuid root? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/