[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Plain Text Password Disclosure vulnerability in rediff mail

To: "'mrx'" <mrx@xxxxxxxxxxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] Plain Text Password Disclosure vulnerability in rediff mail
From: "Lincoln Anderson" <ayblinkin@xxxxxxxxx>
Date: Fri, 11 Sep 2009 19:31:21 -0500

If you spit on it in just the right spot, you will have created a brick-wall
- an oft underappreciated network device that both livens the décor of any
datacenter and obviates the need for most security practices.

-----Original Message-----
From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx
[mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On Behalf Of mrx
Sent: Friday, September 11, 2009 6:58 PM
To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] Plain Text Password Disclosure vulnerability
in rediff mail

Rohit Patnaik wrote:
> full-censorship@xxxxxxxxxxxx wrote:
>   
>> On Fri, 11 Sep 2009 22:27:41 +0100 Valdis.Kletnieks@xxxxxx wrote:
>>   
>>     
>>> On Fri, 11 Sep 2009 21:49:00 BST, you said:
>>>
>>>     
>>>       
>>>> would one not rather hire someone *not* well-known and *doesn't* 
>>>>       
>>>> get owned?
>>>>       
>>>>         
>>> Feel free to hire that guy flipping burgers at McD's to do your 
>>> security
>>> assessment.
>>>     
>>>       
>> the burger flipper would be the obvious choice, young and eager to 
>> learn.
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>   
>>     
> The choice is obvious only as long as you ignore the fact that eager to 
> learn also means eager to make mistakes.  After all, isn't trying (and 
> failing) the most effective method of learning?
>
> --Rohit Patnaik
>   
But how does spitting on a router help to secure it?

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- Re: [Full-disclosure] Plain Text Password Disclosure vulnerability in rediff mail
  - From: full-censorship
- Re: [Full-disclosure] Plain Text Password Disclosure vulnerability in rediff mail
  - From: Rohit Patnaik
- Re: [Full-disclosure] Plain Text Password Disclosure vulnerability in rediff mail
  - From: mrx

Prev by Date: Re: [Full-disclosure] Plain Text Password Disclosure vulnerability in rediff mail
Next by Date: [Full-disclosure] nullcon Goa 2010 Call For Papers
Previous by thread: Re: [Full-disclosure] Plain Text Password Disclosure vulnerability in rediff mail
Next by thread: [Full-disclosure] Friday the 11th of September 2009
Index(es):
- Date
- Thread