CampusWide BlackBoard security problems.

[Gabe Arnold <f0x () squirrelsoup net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I don't know if you people would consider this 'off-topic', and most
already know about this.  After having been quieted with a
cease-and-decist letter by BlackBoard, security flaws in their
CampusWide system discovered by Billy Hoffman and Virgil Griffith (known
as Vergil and Acidus).
http://features.slashdot.org/features/03/04/14/1846250.shtml?tid=172
covers the bassis of what happened.  Potential exploits in the system,
and a general overview are available from cryptome.org.   Description
of system and exploits here: http://cryptome.org/campuswide.txt
(exploits are near the bottom).  FAQ on the subject here:
http://cryptome.org/faq-campuswide.txt.  Additionally some form of
PowerPoint presentation relating to the exploits here:
http://cryptome.org/interz0ness.ppt.  If this is found to be
'off-topic' please excuse me and just ignore this.


- --
~  Gabe
www.squirrelsoup.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE+ngqRckcsnldWwycRAoCBAKCJ56NfZ1L+AORNdItAetjGqJDQ8ACghglu
b3zF7UePuMc3MvZuo1h3YTM=
=5tnc
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html