[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Multiple Vulnerabilities in Microsoft Vulnerabilities

To: Willie G <gates@defrauded.us>
Subject: Re: [Full-Disclosure] Multiple Vulnerabilities in Microsoft Vulnerabilities
From: Luca Mihailescu <luca@mihailescu.net>
Date: Wed, 4 Feb 2004 16:15:55 -0500

You gotta be kidding me.This is one of the worst "disclosure" i've seen lately.

L.

Quoting Willie G <gates@defrauded.us>:

> 
> Multiple Vulnerabilities in Microsoft Vulnerabilities
> Original issue date: February 02, 2004
> Last revised: -- February 04, 2004
> Source: PERFIDIOUS DOT ORG SECURITY TEAM
> 
> Systems Affected
> 
> All Microsoft Products
> 
> Overview
> 
> Microsoft contains multiple vulnerabilities within their vulnerabilities
> the most serious of which could allow another vulnerability to execute
> another vulnerability and open a Pandora's box of vulnerabilities which
> can lead to a Denial of Service attack on an administrator's inbox.
> 
> Description
> 
> Microsoft Security Bulletins describe vulnerabilities. When issuing these
> vulnerability bulletins, Microsoft has been creating localhost based
> Denial of Service attacks on administrator mailboxes worldwide. The
> problem arises by various security organizations releasing too many
> Microsoft vulnerability alerts for programs which have security flaws.
> 
> /////
> gates@defrauded:~> mutt -y
> --- Mutt --- defrauded : ~/Maildir/.ms-sec  [ 1743765209473471876432 msgs
> 
> SEGMENTATION FAULT
> /////
> 
> Impact
> 
> This problem is becoming a costly one for administrators worldwide and a
> estimates show billions of dollars in losses incurred by this
> vulnerability because of the time spent sifting through these
> vulnerabilities, adding patches, updating, etc.
> 
> Solutions
> 
> Remove your email address from mailing lists which post Microsoft Security
> updates
> 
> Install an alternative Operating System
> 
> 
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> "That vulnerability is theoretical"
> 
> Willie G.
> gates@shafted.us
> Shafted US Security Team
> 00-212-555-1269
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
> 



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] Multiple Vulnerabilities in Microsoft Vulnerabilities
  - From: Willie G <gates@defrauded.us>

Prev by Date: Re: [Full-Disclosure] Oldest Hack Sept. 1970 Just for Fun
Next by Date: Re: [Full-Disclosure] Interesting side effect of the new IE patch
Previous by thread: [Full-Disclosure] Multiple Vulnerabilities in Microsoft Vulnerabilities
Next by thread: Re: [Full-Disclosure] Multiple Vulnerabilities in Microsoft Vulnerabilities
Index(es):
- Date
- Thread