Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

LSNN: Aditya releases lame documents; FD vulnerable

From: LSNN <lamesecuritynews () gmail com>
Date: Sun, 9 Sep 2007 14:13:25 +0530
MR. LAME ASS OF THE MONTH RELEASES NEW MATERIALS

The lame ass of the month, Aditya K Sood has released two documents of
the talks he delivered on Xfocus Xcon conference and OWASP Live 0
conference day. [1.1] The security community has usually found Aditya
K Sood's documents to be lame and useless. Aditya K Sood also does not
occur in any security list where vulnerabilities are verified before
pusblishing. [1.2] OSVDB/CVE has a policy of tagging such
vulnerabilities as Myth/Fake but they have ignored Aditya because they
believe the vulnerabilities to be so lame that it can not create any
potential confusion. [1.3] Finally, some frustrated soul in Full
Disclosure awarded Aditya K Sood with the title of "Lame Ass of the
Month". [1.4] Since then, Aditya seems to have been on a self-imposed
exile from full disclosure.

[1.1] http://www.webappsec.org/lists/websecurity/archive/2007-09/msg00032.html
[1.2] http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065295.html
[1.3] http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065296.html
[1.4] http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065573.html


A VULNERABILITY FOUND IN FULL DISCLOSURE MAILING LIST

A vulnerability very common in many unmoderated forums also affects
Full Disclosure mailing list. Any troll (like us) can can set rolling
a long and winding discussion on lame topics which increases the SNR
(signal to noise ratio) of the forum. A very recent example is the
thread with the subject "Came across this site" [2.1] posted by Scott.
Fortunately, Shyaam pointed out that it was a "Useless thread once
again".The lame thread still got 4 lame replies.

This vulnerability is common in many unmoderated forums. There are
many open source project forums which are known to be less affected by
this vulnerability because in such forums the users and programmers
are driven by a common goal, sense of responsibility and common-sense.

[2.1] http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065664.html

-----
We are Lame Security News Network (LSNN)
If you believe in a free and open news service for security researchers,
please volunteer by sending us lame news and articles on security.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: