Full Disclosure mailing list archives
Re: April 1st is here (joy). now improved
From: Szilveszter Adam <adam () hif hu>
Date: Thu, 01 Apr 2004 09:44:08 +0200
Kurt Seifried wrote:
If you're going to pull an Apil 1st hoax it's gotta be a bit less obvious then this. Although I have no doubt this will send at least a few list members into dizzying heights of excitement (I suppose it's cheaper then a subscription to playboy ;).
Well if we are into folly anyway :-) FEAR!FEAR!FEAR!********!ADVISORY!***********FEAR!FEAR!FEAR! Security Advisory No 0x454564afWe have discovered a serious security hole after OpenBSD 3.4 default install!
After successful installation, we proceeded to the garden. There we grabbed a carrot and pulled firmly. And whoa, instant root acess! We never thought it would be this easy. Really, these sorts of incidents should be prevented.
Due to the very serious nature of this bug, we will not disclose PoC at this time, esp because the root has already been consumed.
For details visit our homepage http://www.iamanidiot.com/ ****************************************************** _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Subject: FW:*ALERT* NEW BID 10025 (URGENCY 9.3): Cisco CatOS Password flair loops (Mar 31)
- April 1st is here (joy). Subject: FW:*ALERT* NEW BID 10025 (URGENCY 9.3): Cisco CatOS Password Kurt Seifried (Mar 31)
- Re: April 1st is here (joy). now improved Szilveszter Adam (Apr 01)
- April 1st is here (joy). Subject: FW:*ALERT* NEW BID 10025 (URGENCY 9.3): Cisco CatOS Password Kurt Seifried (Mar 31)