Full Disclosure mailing list archives

Re: Plain Text Password Disclosure vulnerability in rediff mail

From: "Lincoln Anderson" <ayblinkin () gmail com>
Date: Fri, 11 Sep 2009 19:31:21 -0500

If you spit on it in just the right spot, you will have created a brick-wall
- an oft underappreciated network device that both livens the décor of any
datacenter and obviates the need for most security practices.

-----Original Message-----
From: full-disclosure-bounces () lists grok org uk
[mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of mrx
Sent: Friday, September 11, 2009 6:58 PM
To: full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] Plain Text Password Disclosure vulnerability
in rediff mail

Rohit Patnaik wrote:

full-censorship () hushmail com wrote:

On Fri, 11 Sep 2009 22:27:41 +0100 Valdis.Kletnieks () vt edu wrote:

On Fri, 11 Sep 2009 21:49:00 BST, you said:

would one not rather hire someone *not* well-known and *doesn't* 
      
get owned?

Feel free to hire that guy flipping burgers at McD's to do your 
security
assessment.

the burger flipper would be the obvious choice, young and eager to 
learn.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

The choice is obvious only as long as you ignore the fact that eager to 
learn also means eager to make mistakes.  After all, isn't trying (and 
failing) the most effective method of learning?

--Rohit Patnaik

But how does spitting on a router help to secure it?

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: Plain Text Password Disclosure vulnerability in rediff mail, (continued)
- Re: Plain Text Password Disclosure vulnerability in rediff mail Dan Kaminsky (Sep 10)
  - Re: Plain Text Password Disclosure vulnerability in rediff mail dramacrat (Sep 10)
  - Re: Plain Text Password Disclosure vulnerability in rediff mail D-vice (Sep 11)
    - Re: Plain Text Password Disclosure vulnerability in rediff mail Valdis . Kletnieks (Sep 11)
    - Re: Plain Text Password Disclosure vulnerability in rediff mail D-vice (Sep 14)
- Re: Plain Text Password Disclosure vulnerability in rediff mail full-censorship (Sep 11)
  - Re: Plain Text Password Disclosure vulnerability in rediff mail Valdis . Kletnieks (Sep 11)
- Re: Plain Text Password Disclosure vulnerability in rediff mail full-censorship (Sep 11)
  - Re: Plain Text Password Disclosure vulnerability in rediff mail Rohit Patnaik (Sep 11)
    - Re: Plain Text Password Disclosure vulnerability in rediff mail mrx (Sep 11)
    - Re: Plain Text Password Disclosure vulnerability in rediff mail Lincoln Anderson (Sep 11)