[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-Disclosure] NASA WebSites Multiple Vulnerabilities ADVISORY opened to public access ( NASA websites Patched )
- To: "Full-Disclosure" <full-disclosure@lists.netsys.com>
- Subject: [Full-Disclosure] NASA WebSites Multiple Vulnerabilities ADVISORY opened to public access ( NASA websites Patched )
- From: "Lorenzo Hernandez Garcia-Hierro" <lorenzohgh@nsrg-security.com>
- Date: Thu, 23 Oct 2003 22:53:30 +0200
Hello friends,
I'm happy and sad in the same time.
The NASA websites are patched but they didn't contacted me after i sent the
access instructions to advisories, so,
i have now the advisory open and a complete action-mail/advisory log for
probe and provide the communication
between NASA staff and me.
__ ACCESS INFORMATION __
Advisory access:
http://advisories.nsrg-security.com/Nasa.gov-MV/
Mail & Action & Advisory Log :
http://advisories.nsrg-security.com/Nasa.gov-MV/mail-log.txt
ScreenShots:
http://advisories.nsrg-security.com/Nasa.gov-MV/screenshots/
__ <<<EOF __
That's all , about one week of work and a very short and strange
communication between NASA staff and me.
NOTE: not all the things are patched but i think that the most important ,
it's very possible that
the NASA staff will ignore some security holes....
Best regards to all people of Full-Disclosure , Nasa staff ( John ! ) ;-) ,
every body...
-------------------------------
0x00->Lorenzo Hernandez Garcia-Hierro
0x01->/* not csh but sh */
0x02->$ PATH=pretending!/usr/ucb/which sense
0x03-> no sense in pretending!
__________________________________
PGP: Keyfingerprint
4ACC D892 05F9 74F1 F453 7D62 6B4E B53E 9180 5F5B
ID: 0x91805F5B
**********************************
No Secure Root Group Security Research Team
http://www.nsrg-security.com
______________________
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html