Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: ntpd stack evasion exploit
From: "George A. Theall" <theall () tifaware com>
Date: Tue, 10 Jan 2006 20:38:53 -0500

On Wed, Jan 11, 2006 at 12:29:35PM +1100, Sean Crawford wrote:

And judging from the original email I would say the Federal Reserve Bank of
Minneapolis may well be full of said vulnerabilities.

Just the fact a bank employee is posting on a public list asking for help is
insane, but this list!...WHOA

If I read a post from someone at my bank asking such things I would be
making my way to the nearest branch with a withdrawal form and a copy of the
email for the manager.

It's worse than that, I'm afraid - the Federal Reserve Bank is the U.S. 
central bank and, as such, in charge of the country's banking system. 

At least the original poster didn't offer up any hostnames.

theall () tifaware com

Attachment: _bin

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]