Re: [Full-disclosure] Secuirty Hole Found In Dave's Sock

From: Craig, Tobin (OIG) (tobin.craig_at_va.gov)
Date: 09/08/05

  • Next message: y0himba: "RE: [Full-disclosure] Secuirty Hole Found In Dave's Sock"
    Date: Thu, 8 Sep 2005 12:25:15 -0400
    To: <dave.cawley@adelphia.com>, <full-disclosure@lists.grok.org.uk>
    
    

    Dave,

    A number of patches are available, all depenent upon the severity of the vulnerability. I had always assumed this to be a feature, but now that it's been observed elsewhere, I'll initiate a full audit of my environment.

    I also recommend that you carry spare socks to maintain continuity of operations.

    Just a thought,

    Tobin

    -----Original Message-----
    From: full-disclosure-bounces@lists.grok.org.uk <full-disclosure-bounces@lists.grok.org.uk>
    To: full-disclosure@lists.grok.org.uk <full-disclosure@lists.grok.org.uk>
    Sent: Thu Sep 08 12:10:28 2005
    Subject: [Full-disclosure] Secuirty Hole Found In Dave's Sock

    Date: 9/8/2005

    Vulnerability Found: Hole In Dave's Socket

    Affected System: Dave's Right Sock

    Severity: Rating: Moderately Critical
                                    Impact: System access
                                    Where: Foot

    Description of Vulnerability: This morning while putting my socks
    on I found a small (1/4 inch) hole by my big toe. This could be
    exploited by a virus through the bottom of the foot or under the
    toe nail. This could be used to compromise Dave's entire system.

    Solution: No permanent solution is currently available. A work
    around is to wear the sock on the other foot to have the hole
    above the small toe where it will not be furthur enlarged, it
    will proboably fold over and partially cover the vulnerability.
    Permanent solution coming in either a sock darning or upgrading
    the unit to a new sock.

    Time Table: Found at 7:48am on Sept 8th, 1005
                            Work around figured out at 7:49am on Sept 8th,
    2005
                            Permanent Solution Pending

    Credits: Found by Dave

    References: No references available.

    ***************************************************************
    Dave D. Cawley |
    High Speed Internet | The number of Unix installations
    Duryea, PA | has grown to 10, with more expected.
    (570)451-4311 x104 | - The Unix Programmer's Manual,1972
    dave.cawley@adelphia.com |
    ***************************************************************
                      URL => http://www.adelphia.net
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.grok.org.uk/full-disclosure-charter.html
    Hosted and sponsored by Secunia - http://secunia.com/
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.grok.org.uk/full-disclosure-charter.html
    Hosted and sponsored by Secunia - http://secunia.com/


  • Next message: y0himba: "RE: [Full-disclosure] Secuirty Hole Found In Dave's Sock"

    Relevant Pages

    • [Full-disclosure] Secuirty Hole Found In Daves Sock
      ... Description of Vulnerability: This morning while putting my socks ... on I found a small hole by my big toe. ... Permanent solution coming in either a sock darning or upgrading ...
      (Full-Disclosure)
    • Re: [Full-disclosure] Secuirty Hole Found In Daves Sock
      ... >on I found a small hole by my big toe. ... No permanent solution is currently available. ... >will proboably fold over and partially cover the vulnerability. ... >Permanent solution coming in either a sock darning or upgrading ...
      (Full-Disclosure)
    • Re: [Full-disclosure] Secuirty Hole Found In Daves Sock
      ... I've found out that using Dave's right Sock 1.0 along with Sandals 2.0 will ... Secuirty Hole Found In Dave's Sock ... Vulnerability Found: Hole In Dave's Socket ... No permanent solution is currently available. ...
      (Full-Disclosure)
    • Re: [Full-disclosure] Secuirty Hole Found In Daves Sock
      ... assured that this hole has been properly patched. ... un-installation of all sock from my system. ... >Vulnerability Found: Hole In Dave's Socket ... No permanent solution is currently available. ...
      (Full-Disclosure)
    • Re: [Full-disclosure] Secuirty Hole Found In Daves Sock
      ... It is enough for UNIX users to simply turn the sock inside out and continue wearing it on the same foot. ... > on I found a small hole by my big toe. ... No permanent solution is currently available. ...
      (Full-Disclosure)