|Main Archive Page > Month Archives > full-disclosure-uk archives|
Funny but no, this does not need a non-installed wordpress.
2012/1/25 Benji <firstname.lastname@example.org>
> Dear full-disclosure
> I wrote to you to tell you about serious serious vulnerability in all
> Windows versions.
> If you turn machine on before system is configured, then you be able to
> set user password yourself, big gaping hole!!!!
> I make big large botnet to fully utilise this impressive vulnerability!
> thegrugq said i could sell this for liike 3 ferrari's and 1 russian wife, i
> say nay though! Big time russian mobster offer me diamond, i say nay! I
> like report vuln of this size responsibility in so hope to make more
> money^H^H^H^H^H^H^Hsecure world.
> Please full-disclosure, this vuln is serious and i plead you shut down all
> windows now.
> I wrote metasploit module! It find new installs turned off machine, WOL
> and i go to house and enter password! FULL SYSTEM OWNED! Big botnets! Many
> On Wed, Jan 25, 2012 at 2:49 PM, Tim Brown <email@example.com> wrote:
>> On Wednesday 25 Jan 2012 15:22:39 Henri Salo wrote:
>> > There is A LOT of these open installation pages in the Internet. It is
>> > uncommon to leave those open by accident. Some people also do this,
>> > because they just don't understand the risks. I am wondering if
>> > would apply patch if we create one as a collaborative effort. I would be
>> > more than happy to help creating a patch for this if this is the case.
>> I may have missed something, but does simply having the file exposed make
>> vulnerable. From looking at it, it starts of with a bunch of
>> which essentially evaluate if you've installed or not and wp_die() if you
>> Tim Brown
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/