Full Disclosure: Re: KDE was hacked

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Re: KDE was hacked

From: "Kurt Seifried" <listuser () seifried org>
Date: Sun, 9 May 2004 20:30:28 -0600

Please note that this is yet another troll:

Received: from securityfocus.bugtraq.org ([199.173.12.66])
 by netsys.com (8.11.6p2-2003-09-16/8.11.6) with SMTP id i4A0od422402
 for <full-disclosure () lists netsys com>; Sun, 9 May 2004 20:50:46 -0400
(EDT)

A hint: email from iDEFENSE employees typically comes from machines with
reverse and forward DNS in the idefense.com DNS zone (funny how it works
that way).

While I don't mind spoofed posts, these are getting very lame.

Kurt Seifried, kurt () seifried org
A15B BEE5 B391 B9AD B0EF
AEB0 AD63 0B4E AD56 E574
http://seifried.org/security/


----- Original Message ----- 
From: "Richard Johnson" <thief () bugtraq org>
To: "Alexander" <pk95 () yandex ru>
Cc: <full-disclosure () lists netsys com>
Sent: Sunday, May 09, 2004 19:41
Subject: Re: [Full-disclosure] KDE was hacked

If you had been subscribed to our iAlert services, you would have known
about this specific hacker threat months in advance, and known that only
the binary releases of KDE are safe to use.

As an agent of an commercial intelligence agency, I cannot stress how
important it is for all commercial entities to subscribe to commercial
intelligence services.

We know about hacking before it happens!


On Fri, May 07, 2004 at 10:48:06PM +0400, Alexander wrote:

2004/05/03 13:50:28 KDE was hacked by Russian hacker

More information (In Russian)

http://www.securitylab.ru/45100.html


Diff for /kdenetwork/kppp/connect.cpp between version 1.175 and 1.176:

http://webcvs.kde.org/cgi-bin/cvsweb.cgi/kdenetwork/kppp/connect.cpp.diff?r1

=1.175&r2=1.176&f=h



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


-- 
Richard Johnson, CISSP
Senior Security Researcher
iDEFENSE Inc.
thief () bugtraq org

Get paid for security stuff!!!!!!
http://www.idefense.com/contributor.html

and become part of our reearch team!
http://idefense.bugtraq.org/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

By Date By Thread

Current thread:

KDE was hacked Alexander (May 07)
- RE: KDE was hacked Jelmer (May 07)
- Re: KDE was hacked Seth Alan Woolley (May 07)
  - Re[2]: KDE was hacked 3APA3A (May 08)
- Re: KDE was hacked Richard Johnson (May 09)
  - Re: KDE was hacked Kurt Seifried (May 09)
  - Re: KDE was hacked Jason Coombs (May 09)
  - RE: KDE was hacked Aditya, ALD [Aditya Lalit Deshmukh] (May 10)