Dailydave mailing list archives
RE: Anonymized posting
From: "Thor Larholm" <thor () pivx com>
Date: Fri, 28 May 2004 11:23:01 -0700
So let met get this straight, they have put up a temporary site with no real details about the compromise (just a link to the exploit) and a patch for download by administrators - who would want to vouch for the integrity of that patch when the server is running OpenSSL 0.9.6b? ;) Regards Thor Larholm Senior Security Researcher PivX Solutions 24 Corporate Plaza #180 Newport Beach, CA 92660 http://www.pivx.com thor () pivx com Stock symbol: (PIVX) Phone: +1 (949) 231-8496 PGP: 0x5A276569 6BB1 B77F CB62 0D3D 5A82 C65D E1A4 157C 5A27 6569 PivX defines a new genre in Desktop Security: Proactive Threat Mitigation. <http://www.pivx.com/qwikfix> -----Original Message----- From: Dave Aitel [mailto:dave () immunitysec com] Sent: Friday, May 28, 2004 11:14 AM To: dailydave () lists immunitysec com Subject: [Dailydave] Anonymized posting -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 http://uptime.netcraft.com/up/graph?site=cvshome.org&probe=1 "Apache/1.3.22 (Unix) (Red-Hat/Linux) mod_ssl/2.8.4 OpenSSL/0.9.6b PHP/4.0.6 mod_perl/1.26 mod_throttle/3.1.2" One can only hope that this was put online as a honeypot, after the recent publication of a sustained two-year compromise of cvshome.org. What backdoored opensource project owned you today? -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFAt4GAzOrqAtg8JS8RAsUpAJ0QV9UK0XbdwJtKIelvHyMPr1piGwCgq7HK alIkt7cMILweZ/6OVJBbiPs= =8xe4 -----END PGP SIGNATURE----- _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://www.immunitysec.com/mailman/listinfo/dailydave _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://www.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- anonymized posting Dave Aitel (May 11)
- <Possible follow-ups>
- Anonymized posting Dave Aitel (May 28)
- RE: Anonymized posting Jason Hooper (May 28)
- RE: Anonymized posting Thor Larholm (May 28)
- Re: Anonymized posting Dave Aitel (May 28)
- Anonymized posting Dave Aitel (Jun 09)
- Re: Anonymized posting wirepair (Jun 09)
- Re: Anonymized posting Frank Knobbe (Jun 09)
- Re: Anonymized posting Evgeny Demidov (Jun 09)