[Full-Disclosure] Talk in #grsecurity

From: Ed Street (edstreetstreet-tek.com)
Date: Thu Mar 25 2004 - 22:41:03 CST

I thought I would pass this blurb along, taken on #grsecurity and the
subject was security. Just to let everyone know I am awaiting these exploits
to be released to the respected parties in due time or an apology for
falsifying these claims.

[22:22] <spender> is exec-shield in debian yet?

[22:23] <BlackNet> i had it working under debian

[22:23] <BlackNet> kernel-patch-exec-shield - Protection against stack
smashing and other attacks.

[22:23] <spender> i mean, is it in mainline debian

[22:23] <spender> ah okay

[22:23] <spender> so good i can release this exploit the day after fedora
core 2 then

[22:23] <spender> two birds with one stone

[22:24] <BlackNet> what exploit?

[22:24] <spender> i'm just lying

[22:25] <spender> it doesn't exist

[22:25] <spender> it didn't exist when i said it did months ago on the
debian list

[22:25] <spender> and it didn't exist when exec-shield was first written

[22:25] <spender> so just ignore me

[22:26] <BlackNet> so this hole was never fixed?

[22:26] <spender> brb, setting up a fake test system with a fake exec-shield
kernel to write a fake exploit

[22:30] * Joins: Method

[22:34] * BlackNet holds his breath and passes out from the excitement

[22:34] <spender> there are 2 holes really

[22:34] <spender> so i'll release just one

[22:35] <spender> and then state my intent to release the second in 3 months

[22:35] <BlackNet> care to share some details on the first one?

[22:35] <spender> nah

[22:35] <spender> well, the one is very serious

[22:35] <spender> the other is serious, but only in certain situations

[22:35] <BlackNet> who found it?

[22:36] <spender> me

[22:36] <BlackNet> well congrats

[22:36] <spender> i found it the day exec-shield was released

[22:37] <BlackNet> so when's the release date

[22:37] <spender> when would be the best time after fedora core 2 is out?

[22:37] <spender> that's what i'm waiting on

[22:37] <BlackNet> why wait?

[22:37] <spender> but i'd like for it to be installed on a couple machines

[22:37] <spender> so there's a real threat

[22:38] <spender> would a gtk or qt exploit be good too?

[22:38] <BlackNet> send 'em in if you have 'em

[22:38] <spender> oh i'll send it in

[22:40] <BlackNet> how many do you have that's not released?

[22:41] <spender> 2 for exec-shield

[22:41] <spender> 3 for systrace

[22:41] <spender> 1 for DTE

[22:41] <spender> ~10 for LIDS

[22:42] <BlackNet> that's a lot

[22:42] <spender> oh

[22:42] <spender> 3 i think for linsec

[22:43] <BlackNet> all of these are non-reported?

[22:43] <spender> correct

[22:43] <spender> well

[22:43] <spender> 1 lids and DTE bug i released recently

[22:43] <BlackNet> wow you do some work

[22:43] <spender> to a channel of blackhats

[22:43] <spender> it's the same bug, just present in both

[22:44] <BlackNet> ah

[22:44] <BlackNet> so which one you going to release first?

[22:44] <spender> hmm

[22:45] <spender> i think the serious one

[22:45] <spender> so there's no chance that it can be spun in any way to
allow it to be ignored




Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html