foo Posted July 20, 2009 Share Posted July 20, 2009 http://lists.grok.org.uk/pipermail/full-di...uly/069752.html well shit? Quote Link to comment Share on other sites More sharing options...
Jonnycake Posted July 20, 2009 Share Posted July 20, 2009 Well then, I'm shutting down my ssh server until the patch for the exploit is written! :) Edit: Although this could just be a prank to scare people o.O Quote Link to comment Share on other sites More sharing options...
Webhostbudd Posted July 20, 2009 Share Posted July 20, 2009 Yea, I also saw this earlier and thought it was just a prank. Better safe than sorry though. Quote Link to comment Share on other sites More sharing options...
digininja Posted July 20, 2009 Share Posted July 20, 2009 Isn't this hypocritical, disclosing a vulnerability to protest against the full disclosure movement? Quote Link to comment Share on other sites More sharing options...
Webhostbudd Posted July 20, 2009 Share Posted July 20, 2009 Pretty much. It's not like the closed source non-disclosed environment is better anyway. Just look at Windows and all of its vulnerabilities. There have been a few rumors spreading around recently though. We will see what happens. Quote Link to comment Share on other sites More sharing options...
moonlit Posted July 20, 2009 Share Posted July 20, 2009 http://www.theregister.co.uk/2009/07/20/anti_sec_spoof/ Prank, so says El Reg. Quote Link to comment Share on other sites More sharing options...
foo Posted July 20, 2009 Author Share Posted July 20, 2009 http://isc.sans.org/diary.html?storyid=6760 ya. my bad...i just ran across it earlier & was like wtf. i shoulda known better. Quote Link to comment Share on other sites More sharing options...
Darkmist! Posted July 23, 2009 Share Posted July 23, 2009 i would wait until the code is released to really worry about it. of course shut down your servers just in case but its probably a hoax anyone know who these anti-sec people are? Quote Link to comment Share on other sites More sharing options...
moonlit Posted July 23, 2009 Share Posted July 23, 2009 anyone know who these anti-sec people are? According to various articles, there was an admission made that this was not the work of the anti-sec group, it was just someone posting under their name. Quote Link to comment Share on other sites More sharing options...
DingleBerries Posted July 23, 2009 Share Posted July 23, 2009 There are going to be a bunch more "0-days" over the next few months that are going to be bogus. Some of them now are nothing but malware. Be wary of what you run. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.