Hacker Leaks Unreleased CERT Reports
Call Me Black Cloud writes "A hacker calling himself "Hack4Life" swiped 3 unpublished vulnerability reports from a company working with CERT and posted them to the Full Disclosure mailing list. A couple of days later, he did it again (while promising weekly leaks). Wired also has a story, including a link to one of the postings."
Its a little too ironic if he's using the leaks in the reports he steals....
I drink too much coffee. I leak several times per day.
How to Download YouTube Videos
I don't think any regular readers of slashdot fit that discription.
Store the Windows vulnerabilities on a Windows server, Linux vulnerabilities on a Linux server, etc.
That might take the edge off some companies' complaints about vulnerabilities leaking out before the clock is up.
"I'm going to release these at 7pm on Friday, so that sysadmins don't know about this and can't do anything about this til Monday morning" (paraphrased).
What I'd like to know, is what real sys admin is NOT glued to multiple consoles at 7pm on a Friday?
That's about the start of the week when real work can get done!
War crimes, torture, lies, illegal spying... Would someone give Bush a blowjob, already, so he can be impeached?
Hum, look at the references section
6. http://www.kb.cert.org/vuls/id/192995
7. file://localhost/XDR.html#vendors
8. http://www.kb.cert.org/vuls/id/516825
localhost!? They're obviously already using the vulnerability to put files on my computer.
.oO Kaa Oo.