Re: nVidia.com [Url Redirection flaw]

[mac.user () mac hush com]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Are you even aware that you've been arguing with me?  Perhaps we
should move this discussion off-list, so we don't annoy the rest of
the bugtrackers...

On Tue, 24 Mar 2009 15:34:32 -0400 Rubén Camarero
<rjcamarero () gmail com> wrote:
> I am only stating that the bug posted here isn't serious. I agree
> with you
> on the other issues, more or less anyways.
>
> On Tue, Mar 24, 2009 at 3:30 PM, <mac.user () mac hush com> wrote:
>
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > nvidia has a poor track record with security.  I'm citing two
> > examples.  One is on their website, and one is in their drivers.
> > Can you cite anything they have done right?  Your effective
> arguing
> > strategies makes you a top nominee for Gadi Evron's no-swearing
> > event at defcon.
> >
> > On Tue, 24 Mar 2009 15:27:09 -0400 Rubén Camarero
> > <rjcamarero () gmail com> wrote:
> > > That example has nothing to do with this particular bug. Using
> > > multiple
> > > exclamation or question marks does not help your ineffective
> > > argument,
> > > either.
> > >
> > > On Tue, Mar 24, 2009 at 3:15 PM, <mac.user () mac hush com> wrote:
> > >
> > > > -----BEGIN PGP SIGNED MESSAGE-----
> > > > Hash: SHA1
> > > >
> > > > With all due respect, my corned beef and sauerkraut smelling
> > > > friend, I am simply pointing out that when it comes to
> security
> > > > nvidia is clueless.  Do you not remember the great debacle of
> > > 2006
> > > > when Rapid7 showed off remote kernel exploitation of the
> nvidia
> > > > driver by webbrowser?  http://kerneltrap.org/node/7228 should
> > > > refresh your memory.  40 million lost credit cards but at
> least
> > > > they put nvidia in their rightful place and have their
> > > priorities
> > > > in order.  And speaking of security concerns and nvidia, why
> do
> > > you
> > > > think Microsoft didn't use nvidia in their trusted gaming
> > > platform
> > > > xbox360????  Everyone in our industry knows that nvidia is
> shit
> > > for
> > > > security, even their javascript sucks!!!
> > > >
> > > >
> > > > On Tue, 24 Mar 2009 14:45:46 -0400 Rubén Camarero
> > > > <rjcamarero () gmail com> wrote:
> > > > > If ATI and nVidia were web content developers, this may be a
> > > valid
> > > > > argument,
> > > > > but they are not. They are graphics vendors, hardware and
> > > > > software. Not to
> > > > > mention the fact that this isn't a "serious" issue. RFI is a
> > > > > serious issue,
> > > > > IMHO.
> > > > >
> > > > > On Tue, Mar 24, 2009 at 1:37 PM, <mac.user () mac hush com>
> wrote:
> > > > > > -----BEGIN PGP SIGNED MESSAGE-----
> > > > > > Hash: SHA1
> > > > > >
> > > > > > I have been saying for years that ATI is better than
> nvidia
> > > and
> > > > > > here is just one more reason!  You don't see serious
> issues
> > > like
> > > > > > this with ATI's website.
> > > > > >
> > > > > > On Tue, 24 Mar 2009 10:13:21 -0400 Lorenzo Vogelsang
> > > > > > <vogelsang.lorenzo () gmail com> wrote:
> > > > > > > Hi all, i'm new to the list. I'm an italian student who
> > > likes
> > > > > > > security
> > > > > > > topics in the I.C.T world..
> > > > > > >
> > > > > > > Browsing the nVdia web sites, i have found a very basic
> Url
> > > > > > > redirection
> > > > > > > flaw. Infact when downloading a driver i get Urls like
> this:
> > > > > > >
> >
> > > > http://www.nvidia.com/content/DriverDownload/download_confirmati
> o
> > > n
> > > > > .
> > > > > >
> >
> > > > asp?kw=&url=http://us.download.nvidia.com/Windows/179.48/179.48_
> n
> > > o
> > > > > t
> > > > > > > ebook_winxp_64bit_beta.exe
> > > > > > >
> > > > > > > and connecting to this another Url
> >
> > > > http://www.nvidia.com/content/DriverDownload/download_confirmati
> o
> > > n
> > > > > .
> > > > > > > asp?kw=&url=http://www.google.it
> > > > > > >
> > > > > > >
> > > > > > > will redirects succefully to www.google.it! (or other web
> > > site
> > > > > of
> > > > > > > your
> > > > > > > choice , or downloadble content..)
> > > > > > >
> > > > > > >
> > > > > > > Enjoy!
> > > > > > >
> > > > > > > Lorenzo Vogelsang.
> > > > > > -----BEGIN PGP SIGNATURE-----
> > > > > > Charset: UTF8
> > > > > > Version: Hush 3.0
> > > > > > Note: This signature can be verified at
> > > > > https://www.hushtools.com/verify
> > > > > >
> >
> > > wpwEAQMCAAYFAknJGmEACgkQfuF4tUz/X+KtEQP/fg36QI6yY9Hw6Q5eOsLUBGtPj
> g
> > > 9
> > > > > /
> > > > > >
> >
> > > kxEmlsVdQl23h92FU75bHiOHhDMo7nLMCbHH7HHZDMvEw05OCDBaOqTx54xyTHBay
> H
> > > 4
> > > > > s
> > > > > >
> >
> > > xf4joU8LSrTOFrklgT7tGXr+AMIfi4ypgIXzRv6Gx0vD3EAKIR3KWL4qFtg/OahHk
> l
> > > 7
> > > > > q
> > > > > > jOiz888=
> > > > > > =2MOh
> > > > > > -----END PGP SIGNATURE-----
> > > > > >
> > > > > > --
> > > > > > Can't pay your bills?  Click here to learn about filing
> for
> > > > > bankruptcy.
> > > > > >
> >
> > > http://tagline.hushmail.com/fc/BLSrjkqhNChbdTZRNxLsL4IFkcZYo7APte
> 6
> > > M
> > > > > FdjI1xth2KPqL4lm3VupTlG/
> > > > > > _______________________________________________
> > > > > > Full-Disclosure - We believe in it.
> > > > > > Charter: http://lists.grok.org.uk/full-disclosure-
> > > charter.html
> > > > > > Hosted and sponsored by Secunia - http://secunia.com/
> > > > >
> > > > >
> > > > >
> > > > > --
> > > > > Rubén Camarero
> > > > > CCNA, CISSP
> > > > -----BEGIN PGP SIGNATURE-----
> > > > Charset: UTF8
> > > > Version: Hush 3.0
> > > > Note: This signature can be verified at
> > > https://www.hushtools.com/verify
> > > >
> >
> > wpwEAQMCAAYFAknJMWoACgkQfuF4tUz/X+LbggP9GPddhDh3krXB3ieyORr5Yd2RdE
> 6
> > > l
> > > >
> >
> > foRgQOUAaXbnpxc+d2XFByNe8wAYHF+dheNou5cb0XBF99NmW4wt2uoR57/7PmSp6z
> d
> > > M
> > > >
> >
> > 1bsBzocX6Kkpbl38bMf4ZG/OlEz7cqfNOGExPE5cicr2Y462fk/BAWfUWV6B82ieWz
> 4
> > > Z
> > > > BbBeab8=
> > > > =ZiqN
> > > > -----END PGP SIGNATURE-----
> > > >
> > > > --
> > > > Click to compare and save on auto insurance.
> >
> > http://tagline.hushmail.com/fc/BLSrjkqePmfJGmpcWA2Xcaz2NXhk84bAM4H
> x
> > > iigERihBJ2ZwE0pe0OeJOxS/
> > > >
> > >
> > >
> > > --
> > > Rubén Camarero
> > > CCNA, CISSP
> > -----BEGIN PGP SIGNATURE-----
> > Charset: UTF8
> > Note: This signature can be verified at
> https://www.hushtools.com/verify
> > Version: Hush 3.0
> wpwEAQMCAAYFAknJNO4ACgkQfuF4tUz/X+JobQP/fKdv2DPbFGfAh8+N6GsdKO7ct1B
> P
> >
> 2h0sXd57nD6bKwOi8CiOZR3/fMjyl72R0xuS0Gtq8PhkX/mMo8GGaHw0h8DdHJ0DIAb
> j
> >
> kAY4Pc/oNXtRaO0UoCT0CJA04M9wIgdR0batMc9N0PHhI7Z041w7ycSohm9Q5u6UR9i
> B
> > R3X0sRc=
> > =ucxK
> > -----END PGP SIGNATURE-----
> >
> > --
> > Click here for free information on how to reduce your debt by
> filing for
> > bankruptcy.
> http://tagline.hushmail.com/fc/BLSrjkqhNCha09Yyoll97un6Gs8mL19gd7D3
> JKfsHHWsIQfxfuSbfcMocNq/
> >
>
>
> --
> Rubén Camarero
> CCNA, CISSP
-----BEGIN PGP SIGNATURE-----
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wpwEAQMCAAYFAknJNwcACgkQfuF4tUz/X+IVsQP9HDa6vSSub9nXDYpiBgz1grUqoYbD
nVd0ee3CSbBzArov2PK6abL0aNgR4SfDj//dlq+AzUZJz02yCR61+ysv8U7uSUrRmdjD
rXjQl21C5vWMAe9FErKxEJFqit5bNhT6NBC0aHftxDnhOiK5VxmrvwiJd9s2VMXp0ob4
xSpn07c=
=4By0
-----END PGP SIGNATURE-----

--
Always a good call. Click now to establish your local phone service!
 http://tagline.hushmail.com/fc/BLSrjkqdEiol285IZBaWZwNaaLYjM2ZwrmuXbeUGsMm8hJItZk3LssTfv6A/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/