Re: [Full-Disclosure] "Advances in Security" in the Linux Kernel and RedHat idiocy

2005-01-27 Thread Michal Zalewski
- bash$ :(){ :|:&};: -- Michal Zalewski * [http://lcamtuf.coredump.cx] Did you know that clones never use mirrors? --- 2005-01-27 20:31 -- http://lcamtuf.coredump.cx/photo/current/ ___ Full-Disclosure - We believe in it. Cha

Re: [Full-Disclosure] Heap overflow in Mozilla Browser <= 1.7.3 NNTP code.

2005-01-06 Thread Michal Zalewski
hat regard. IIRC, we did not see advisories or vendor fixes for mangleme flaws in Konqueror / Safari, [e]links, lynx, elvis, w3m and other browsers... the difference is, Mozilla/Firefox is becoming a mainstream tool.

Re: [Full-Disclosure] /bin/rm file access vulnerability

2004-12-30 Thread Michal Zalewski
On Wed, 29 Dec 2004, Lennart Hansen wrote: > $ ls -l /home/xenzeo/file > ls: file: No such file or directory This is an obvious fake. Were the log real, the last line should read: ls: /home/xenzeo/file: No such file or directory The world is saved. -- http://lcamtuf.coredump.cx/ _

RE: [Full-Disclosure] Remote Mercury32 Imap exploit

2004-11-30 Thread Michal Zalewski
iewpoint is truly superior. But, if on a full-disclosure list, one chooses to pass as a de facto moral standard a practice specifically favorable for and favored by companies that would be best off marginalizing security disclosure and associated publicity - we have a problem.

Re: [Full-Disclosure] Moox firefox/thunderbird builds. Anyone looked at these yet?

2004-11-11 Thread Michal Zalewski
s before being spotted.

Re: [Full-Disclosure] New MyDoom exploiting IFRAME

2004-11-09 Thread Michal Zalewski
give vendors up to or over six months to fix a problem? Doubtly so, because a frail balance is easily destroyed by an accident such as this one - where no malicious intent came into play, really.

Re: [Full-Disclosure] MSIE src&name property disclosure

2004-11-08 Thread Michal Zalewski
did not check with them.

Re: [Full-Disclosure] MSIE src&name property disclosure

2004-11-08 Thread Michal Zalewski
s much as I am not a rabid Microsoft hater, this pissed me off more than a bit.

Re: [Full-Disclosure] DoS in Apache 2.0.52 ?

2004-11-01 Thread Michal Zalewski
On Mon, 1 Nov 2004, Chintan Trivedi wrote: > GET / HTTP/1.0\n > [space] x 8000\n > [space] x 8000\n > [space] x 8000\n > . > . > 8000 times > I created 25 threads (connections) and send the above request to one > webserver. This is circa 1.5 GB of data (61 MB per connection), at which point you

[Full-Disclosure] Update: Web browsers - a mini-farce (MSIE gives in)

2004-10-22 Thread Michal Zalewski
download http://lcamtuf.coredump.cx/soft/mangleme.tgz for version 1.2.

[Full-Disclosure] Re: Web browsers - a mini-farce

2004-10-20 Thread Michal Zalewski
lar, making it practical to write malware that targets it; it is rather pointless to "phish" using a lynx address obfuscation vulnerability ;-) Third, I generally do not use Windows.

Re: [Full-Disclosure] Web browsers - a mini-farce

2004-10-20 Thread Michal Zalewski
e browsers; I did not say this, and I do not have any agenda to push. It's really disappointing to get so much hate mail when objective results suggest one thing, and be well received when they point the other way (at Microsoft, Sendmail, etc).

[Full-Disclosure] Web browsers - a mini-farce

2004-10-18 Thread Michal Zalewski
eating ;) Thanks,

Re: [SPAM] [Full-Disclosure] Your daily internet traffic report

2004-10-17 Thread Michal Zalewski
ure reliability, rather than some added performance.

RE: [Full-Disclosure] Windoze almost managed to 200x repeat 9/11

2004-09-24 Thread Michal Zalewski
ersion, though of course it's not a good idea to trust the press on technical issues. Until we know more, getting into an off-topic, groundless flamewar is not needed.

Re: [Full-Disclosure] Windoze almost managed to 200x repeat 9/11

2004-09-24 Thread Michal Zalewski
On Fri, 24 Sep 2004, ASB wrote: > "The servers are timed to shut down after 49.7 days of use in order to > prevent a data overload, a union official told the LA Times." > > How you managed to read "OS failure" into this is rather astounding... The statement above, even though either cleverly disg

[Full-Disclosure] Tool announcement: fakebust

2004-09-19 Thread Michal Zalewski
Good morning, I am proud to announce the availability of fakebust 0.1 beta. Fakebust is a simple, open-source, user-friendly, intuitive and very rapid malicious code analyzer that can partly replace and in certain aspects outperform an expensive, strictly controlled sandbox setup. The tool can be

[Full-Disclosure] Debian netkit telnetd vulnerability

2004-09-18 Thread Michal Zalewski
Exposure: Remote root compromise through buffer handling flaws Confirmed vulnerable: Up-to-date Debian 3.0 woody (issue is Debian-specific) Debian netkit-telnet-ssl-0.17.24+0.1 package Debian netkit-telnet-ssl-0.17.17+0.1 package Mitigating factors: Telnet service must be running an

[Full-Disclosure] Re: SecurityLab report: The Top 10 Most Critical Vulnerabilities in June 2004

2004-07-01 Thread Michal Zalewski

[Full-Disclosure] PestPatrol (was: !! Internet Explorer !!)

2004-06-12 Thread Michal Zalewski
ily the product is bogus, but it does not look too professional either... But then maybe it's better when it comes to detecting spyware.

Re: [Full-Disclosure] weather.com contact

2004-06-05 Thread Michal Zalewski
On Fri, 4 Jun 2004 [EMAIL PROTECTED] wrote: > Anyone know anyone at weather.com? No, but I must share that I am perhaps for the first time on this list truly scared of what you might have discovered. A weather control exploit?

Re: [Full-Disclosure] Re: Bypassing "smart" IDSes with misdirected frames? (long and boring)

2004-05-28 Thread Michal Zalewski
difference that makes the attack IMO a bit more of a concern in a typical setup, which is still not to say I will lose sleep over it. Cheers,

Re: [Full-Disclosure] Re: Bypassing "smart" IDSes with misdirected frames? (long and boring)

2004-05-28 Thread Michal Zalewski
munications (even the problem of distinguishing between message body and message headers can be an example). Cheers,

[Full-Disclosure] Re: Bypassing "smart" IDSes with misdirected frames?

2004-05-27 Thread Michal Zalewski
IDS setup (span port or bridge mode). > A packet which is not accepted by the recipient will not elicit an ACK > frame. One that is does not have to do this, either. Window size, etc.

[Full-Disclosure] Bypassing "smart" IDSes with misdirected frames? (long and boring)

2004-05-27 Thread Michal Zalewski
pecific products and their vulnerability. It is obvious you may configure some networks to mitigate such attacks, deploy third-party solutions to detect them, or accept some false positives in certain environments. Thanks,

RE: [Full-Disclosure] Learn from history?

2004-05-10 Thread Michal Zalewski
's usually nothing wrong with the underlying term itself, but at some point, it is safer not to use it unless absolutely necessary, or truly justified ;-) In this particular context, I suppose we were better off without defining and quantifying risk ;-)

RE: [Full-Disclosure] Learn from history?

2004-05-10 Thread Michal Zalewski
stranger.

Re: [Full-Disclosure] Core Internet Vulnerable - News at 11:00

2004-04-20 Thread Michal Zalewski
good to see some kludges intended to mitigate it a bit.

[Full-Disclosure] Re: Any thoughts on War-Googling? (long and inflammatory)

2004-04-18 Thread Michal Zalewski

Re: [Full-Disclosure] OT microsoft "feature"

2004-04-16 Thread Michal Zalewski
zement on this list.

Re: [Full-Disclosure] erase with magnet

2004-04-03 Thread Michal Zalewski
On Sat, 3 Apr 2004, Michael Cecil wrote: > There are? Show us one. >> http://www.periphman.com/degaussing/degaussers/v92.shtml > This is for tapes. Good... now actually read the page. It supports various types of storage, including tapes and hard disks. V92 DIGI TAPE MASTER DEGAUSSER HARD

[Full-Disclosure] Re: Automated metadata recovery for document collections (tool release)

2004-04-03 Thread Michal Zalewski
On Sat, 3 Apr 2004, Michal Zalewski wrote: > http://lcamtuf.coredump.cx/soft/therev.tgz Just by the way, for those of you who are more paranoid than They want you to be, running it against *.gov looking for phrases such as cyber-terrorism or homeland security yields some neat stuff ;-)

Re: [Full-Disclosure] erase with magnet

2004-04-03 Thread Michal Zalewski
ket, some of them certified and used by fairly reputable organizations: http://www.periphman.com/degaussing/degaussers/v92.shtml

[Full-Disclosure] Automated metadata recovery for document collections (tool release)

2004-04-03 Thread Michal Zalewski
Hi, After my short write-up on results of automated change tracking data recovery for Microsoft Word documents found at microsoft.com [1], I've received a couple of inquiries from pen-testers who asked me about the tool I used to find the data, and stated that something like this would be a good a

[Full-Disclosure] Microsoft's own DOCs

2004-03-27 Thread Michal Zalewski
I've put up a quick and fairly entertaining (or so I hope) analysis of some of the artifacts of "change tracking" mechanism you can find in Microsoft's own .DOC publications. http://lcamtuf.coredump.cx/strikeout/ Just to serve as a warning - anyone willing to code an automated change tracking

[Full-Disclosure] Re: The witty worm

2004-03-20 Thread Michal Zalewski

Re: [Full-Disclosure] LOL, stupid calife maintainer - this can't be true

2004-02-28 Thread Michal Zalewski
Unlike many other systems, however, Linux in fact DOES NOT obey this limit, and returns more. Technically speaking, this is a specification (standards compliance?) problem in Linux - although this guy most definitely could be more careful.

Re: [Full-Disclosure] Silent Fixes (was GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution)

2004-02-18 Thread Michal Zalewski
ced vulnerabilities in them.

Re: [Full-Disclosure] ASN.1 telephony critical infrastructure warning - VOIP

2004-02-17 Thread Michal Zalewski
opposite. An aggressive worm may quite efficiently bring down large parts of critical infrastructure by simply overloading systems and networks. But then, it would be no different from Nachi and whatnot, and there's nothing about ASN.1 to it.

RE: [Full-Disclosure] Re: Removing FIred admins

2004-02-13 Thread Michal Zalewski
On Fri, 13 Feb 2004, Steve Wray wrote: > Actually, isn't that what DRM is all about? No, not in the real world. Here's a good hint: hire reasonable people, treat them well. To help them help you, establish access policies, keep admins accountable, and track access rights. Require more than one p

[Full-Disclosure] Re: a method for bypassing cookie restrictions in web browsers

2004-01-21 Thread Michal Zalewski
http://cert.uni-stuttgart.de/archive/bugtraq/2000/03/msg00365.html Cheers,

Re: [Full-Disclosure] Anti-MS drivel

2004-01-20 Thread Michal Zalewski
close this type of stuff, as only a couple of folks are going to realize what you are talking about to start with. Just my $.02.

Re: [Full-Disclosure] Re: January 15 is Personal Firewall Day, help the cause

2004-01-19 Thread Michal Zalewski
d, if some environment flag is set; and so on. I would not be shocked if some linker decides to do it at some point.

[Full-Disclosure] Re: a method for bypassing cookie restrictions in web browsers

2004-01-19 Thread Michal Zalewski
http://cert.uni-stuttgart.de/archive/bugtraq/2000/03/msg00365.html Cheers,

[Full-Disclosure] a method for bypassing cookie restrictions in web browsers

2004-01-19 Thread Michal Zalewski
ate the risk (I wouldn't jump the gun and claim it renders the technique entirely useless, though), but then it is possible to bypass many proxies by using https web bugs. Any thoughts? Is the technique something new?

Re: [Full-Disclosure] Re: January 15 is Personal Firewall Day, help the cause

2004-01-19 Thread Michal Zalewski
xec partitions? hope not).

Re: [Full-Disclosure] Fedora/RedHat ConsoleHelper Privileged Access Preserved

2004-01-10 Thread Michal Zalewski
instant root exploits: http://cert.uni-stuttgart.de/archive/bugtraq/2003/07/msg00014.html This was largely ignored by the maintainers, as far as I can tell.

Re: [Full-Disclosure] gcc: Internal compiler error: program cc1 got fatal signal 11

2004-01-09 Thread Michal Zalewski
); 2.x releases, OTOH, are plagued by many different compile-time crash vectors, or constructions that lead to invalid code - this one is not an exception...

Re: [Full-Disclosure] A new TCP/IP blind data injection technique?

2003-12-15 Thread Michal Zalewski
thing you suggested is going to be implemented for BorderWare, and a functionality present for long years on systems like Linux).. Cheers,

[Full-Disclosure] Breaking the checksum (a new TCP/IP blind data injection technique)

2003-12-14 Thread Michal Zalewski
no DF-ignoring devices en route (and no proxies that do not use PMTUD).

Re: [Full-Disclosure] A new TCP/IP blind data injection technique?

2003-12-14 Thread Michal Zalewski

Re: [Full-Disclosure] A new TCP/IP blind data injection technique?

2003-12-13 Thread Michal Zalewski
You need to send a fragment (not an entire packet), and to exploit the vulnerability, it is perfectly fine for the packet to be reassembled by the recipient's firewall - it does not have to go through as-is.

[Full-Disclosure] Re: A new TCP/IP blind data injection technique?

2003-12-12 Thread Michal Zalewski

[Full-Disclosure] Re: A new TCP/IP blind data injection technique?

2003-12-11 Thread Michal Zalewski
ms with this feature. [*] Let's just say I do not have time to poke random so

Re: [Full-Disclosure] A new TCP/IP blind data injection technique?

2003-12-11 Thread Michal Zalewski
a threat one should lose sleep over, either, but the fact is, it makes session data injection considerably easier than with ISN guessing.

[Full-Disclosure] A new TCP/IP blind data injection technique?

2003-12-10 Thread Michal Zalewski
her tricks that used fragmentation to fool IDSes and so on - mandatory defragmentation of incoming traffic on perimeter devices will not solve the problem. Cheers,

Re: [Full-Disclosure] RE: FWD: Internet Explorer URL parsing vulnerability

2003-12-09 Thread Michal Zalewski
n a href tag, as opposed to using JavaScript or alikes?

Re: [Full-Disclosure] Partial Solution to SUID Problems

2003-12-07 Thread Michal Zalewski
ur root password... and this is sort of bogus.

Re: [Full-Disclosure] Partial Solution to SUID Problems

2003-12-06 Thread Michal Zalewski
mplemented by default with no particular impact on the base functionality. It is just that people and vendors do not feel like doing it, with very few exceptions.

Re: [Full-Disclosure] Partial Solution to SUID Problems

2003-12-06 Thread Michal Zalewski
gh) - and is also more risky, I imagine.

Re: [Full-Disclosure] Re: hard links on Linux create local DoS vulnerability and security problems

2003-11-26 Thread Michal Zalewski
On Wed, 26 Nov 2003, Jeremiah Cornelius wrote: > And a mandatory system profile in /etc , which aliases ln as 'ln -s' > might help. One for each valid shell. You must be kidding, surely?

Re: [Full-Disclosure] hard links on Linux create local DoS vulnerability and security problems

2003-11-24 Thread Michal Zalewski
otely secure against local attacks targeting other unprivileged users - and even then, it is usually possible to DoS the system or other users or cause other inconvenience and security exposure. As such, I doubt this will get noticed and patched. Cheers,

RE: [Full-Disclosure] Sidewinder G2

2003-11-19 Thread Michal Zalewski
ething I would recommend for running on a on-firewall gateway... stripped down or not.

RE: [inbox] [Full-Disclosure] Is bugtraq even worth it anymore?

2003-10-27 Thread Michal Zalewski
get their grubby little fingers on something good > and run it into the ground. Well, getting your posts bounced back does not sound like a corporate conspiracy ;-)

Re: [Full-Disclosure] My new PGP key

2003-10-25 Thread Michal Zalewski

RE: [inbox] Re: [Full-Disclosure] RE: Linux (in)security

2003-10-23 Thread Michal Zalewski
curity (you think IBM > recommended Linux without going over every single line of code?) Yes. That said, from now on, we are on a crash course to a pointless flame war, I'm going to shut up now.

RE: [inbox] Re: [Full-Disclosure] RE: Linux (in)security

2003-10-22 Thread Michal Zalewski
king it worse. It's just a matter of how easy it is to properly configure and secure your system (far beyond downloading most recent patches), and how much control _and_ supervision you're given over this process. Popular Linux releases do not score remarkably higher than other well-known OSes

Re: [Full-Disclosure] Re: No Subject

2003-10-21 Thread Michal Zalewski
y to look at it in more detail. I sincerely doubt there is an exploit making rounds, but damnit, do patch your systems - you do not even have to reboot.

Re: [Full-Disclosure] Re: No Subject

2003-10-21 Thread Michal Zalewski
If it is exploitable and there is an exploit, the public will sooner or later find out, don't force it if there is no good reason...

Re: [Full-Disclosure] Re: No Subject

2003-10-21 Thread Michal Zalewski
t which point, you are home.

Re: [Full-Disclosure] [PAPER] Juggling with packets: floating data storage

2003-10-09 Thread Michal Zalewski
of RAM for $" are flawed - yes, you can, and then you still can store some extra on the network. I think the thread long deserves to die, though - we're essentially reiterating two opposite views: some people do see some potential for this approach, others don't.

[Full-Disclosure] Re: [PAPER] Juggling with packets: floating data storage

2003-10-08 Thread Michal Zalewski
ll means - you are free to judge it and to disagree; I would simply prefer if you could give it a chance. Cheers,

[Full-Disclosure] Re: [PAPER] Juggling with packets: floating data storage

2003-10-08 Thread Michal Zalewski
s... and still has nothing to do with the fact that (limited) deniability, assured destruction on disconnect storage media may have some interesting privacy implications, and this is what we try to point out in the paper.

Re: [Full-Disclosure] RE: [PAPER] Juggling with packets: floating data storage

2003-10-08 Thread Michal Zalewski
Cheers,

[Full-Disclosure] Re: [PAPER] Juggling with packets: floating data storage

2003-10-08 Thread Michal Zalewski
this, reading the paper is usually a good idea before ridiculing it... Cheers,

RE: [Full-Disclosure] Re: Pudent default security - Was: CyberInsecurity: The cost of Monopoly

2003-09-30 Thread Michal Zalewski
duct that has the same functionality and a nice GUI.

[Full-Disclosure] Re: Pudent default security - Was: CyberInsecurity: The cost of Monopoly

2003-09-29 Thread Michal Zalewski
rmined enough to remove firewalling on their box, but to protect the clueless and their data.

Re: [Full-Disclosure] CyberInsecurity: The cost of Monopoly

2003-09-28 Thread Michal Zalewski
e extensive access control mechanisms that go beyond archaic root-and-user separation. The problems with deploying this usually originate from beyond the technology space, once again.

Re: [Full-Disclosure] CyberInsecurity: The cost of Monopoly

2003-09-28 Thread Michal Zalewski
ridiculously expensive "firewall switches" that are IP-aware and enable per-port separation and firewalling... The technology is there. It takes some effort to use it and do it correctly, of course.

Re: [Full-Disclosure] My response to both the analysis of CIPE by Gutmann, Slashdot and the response by the CIPE list

2003-09-25 Thread Michal Zalewski
ackets?

Re: [Full-Disclosure] VeriSign's fake SMTP server for SiteFinder

2003-09-22 Thread Michal Zalewski
ore being bounced. Admittably, they can also use it to gather information about senders and recipients... but that's old news.

Re: [Full-Disclosure] OpenSSH - is X-Force really behind this?

2003-09-22 Thread Michal Zalewski
are the vendors really naughty?

[Full-Disclosure] OpenSSH - is X-Force really behind this?

2003-09-22 Thread Michal Zalewski
le to exploit on anything but some lesser systems (and even then, only a DoS). I can be wrong, of course, and there might be something wrong with the rest of the world. Any thoughts?

[Full-Disclosure] Windows URG mystery solved!

2003-09-17 Thread Michal Zalewski
will also be triggered by background downloads, etc. I do not want to exaggerate the impact of this vulnerability, the amount of data disclosed is fairly low, but it's still quite cool. Cheers,

[Full-Disclosure] Sendmail 8.12.9 prescan bug (a new one) [CAN-2003-0694]

2003-09-17 Thread Michal Zalewski
return NULL; }

Re: [Full-Disclosure] Re: [tool] the new p0f 2.0.1 is now out

2003-09-05 Thread Michal Zalewski
e of. So there is no big deal, but the tool is an advance in this field, I believe, and is the only seriously maintained and extended implementation in the open-source area (and probably in the closed-source world, too)... live with it ;-)

RE: [Full-Disclosure] Re: [tool] the new p0f 2.0.1 is now out

2003-09-04 Thread Michal Zalewski
way, though, send a really weird TCP/IP SYN packet with odd options and flags, and wait... if the curious user nmaps you back... ;-)

RE: [Full-Disclosure] Re: [tool] the new p0f 2.0.1 is now out

2003-09-04 Thread Michal Zalewski
ult to promisc mode anymore (for performance reasons and so on).

[Full-Disclosure] [tool] the new p0f 2.0.1 is now out

2003-09-04 Thread Michal Zalewski
I am proud to announce the new stable version of p0f, 2.0.1, a complete rewrite of the original open-source tool released back in 2000, and a major step for the utility. I apologize for posting to all the forums, and leave it to the moderators to accept or drop this post - but I believe the tool

[Full-Disclosure] [tool] the new p0f 2.0.1 is now out

2003-09-03 Thread Michal Zalewski
I am proud to announce the new stable version of p0f, 2.0.1, a complete rewrite of the original open-source tool released back in 2000, and a major step for the utility. I apologize for posting to all the forums, and leave it to the moderators to accept or drop this post - but I believe the tool

[Full-Disclosure] Re: p0f 2 beta now out - fingerprint data needed

2003-08-17 Thread Michal Zalewski
uable data for the beta. http://lcamtuf.coredump.cx/p0f-help/ Thank you,

[Full-Disclosure] p0f 2 beta now out - fingerprint data needed

2003-08-16 Thread Michal Zalewski
SS-NOP from a system with MSS-NOP, - Generic last-chance signatures to detect OS groups, - Better fingerprint file structure, - Some other improvements, including a minor option parsing glitch... Thanks for your feedback.

[Full-Disclosure] unix entropy source can be used for keystroke timing attacks

2003-08-14 Thread Michal Zalewski
ce, and no program depends on how fast the data is available for its normal operation.

RE: [inbox] Re: [Full-Disclosure] Reacting to a server compromise

2003-08-14 Thread Michal Zalewski
by a trusted hardware and OS. *If* there is a difference in how the media is handled, or if there is a physical or cryptographical method of ensuring the integrity and authenticity of every piece, it would be different, I'm not arguing with that.

RE: [inbox] Re: [Full-Disclosure] Reacting to a server compromise

2003-08-06 Thread Michal Zalewski
ms of being susceptible to tampering with by the alleged victim (although less susceptible to remote manipulation by the attacker after the fact, true).

Re: [Full-Disclosure] MDKSA-2003:081 - Updated postfix packages fixremote DoS

2003-08-04 Thread Michal Zalewski
ing to a DoS. Prior to 1.1.13.

RE: [inbox] Re: [Full-Disclosure] Reacting to a server compromise

2003-08-03 Thread Michal Zalewski
n evidence the owner of the box was in control of the application that sent the offending traffic. The hard evidence comes from a different source, usually.

[Full-Disclosure] Postfix 1.1.12 remote DoS / Postfix 1.1.11 bounce scanning

2003-08-03 Thread Michal Zalewski
Good morning list, 1. Postfix 1.1.12 remote DoS (CAN-2003-0540)
