Microsoft Windows and *nix Telnet Port Numb erArgument Obfuscation

Discussion:

(too old to reply)

Andrew Haninger

2005-06-08 16:50:32 UTC

On 6/8/05, Richard John L Contractor 611 ACF/SCO

as a matter of fact, I'd love to have the original poster, re-post

Many many lists are archived at marc.theaimsgroup.com, full-disclosure included:

http://marc.theaimsgroup.com/?t=111818234400006&r=1&w=2

--
Andy
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Richard John L Contractor 611 ACF/SCO

2005-06-08 16:19:43 UTC

Permalink

I agree with the individual below...some of us are still new to this
vulnerability thing (I for one) and appreciate lurking hear and taking it
all in...as a matter of fact, I'd love to have the original poster,
re-post...I was talking to a few others who had no idea about this and
they'd love to see the article (which I'd deleted - for some reason???)

-----Original Message-----
From: full-disclosure-***@lists.grok.org.uk
[mailto:full-disclosure-***@lists.grok.org.uk]On Behalf Of Arjan van
der Velde
Sent: Wednesday, June 08, 2005 00:05
To: 'Andrew Haninger'; ***@virus-l.demon.co.uk
Cc: 'Full Disclosure'
Subject: RE: [Full-disclosure] Microsoft Windows and *nix Telnet Port
NumberArgument Obfuscation

Hi,

I like reading posts in here to learn from. It would be good not to be too
hostile against people asking questions you already know the answer for or
even have known it for ages already. If I were to ask a question I would
like to be educated or at least pointed in the right direction. Some replies
really discourage people from asking.

- Arjan

-----Original Message-----
From: full-disclosure-***@lists.grok.org.uk
[mailto:full-disclosure-***@lists.grok.org.uk] On Behalf Of Andrew
Haninger
Sent: Wednesday, June 08, 2005 9:08
To: ***@virus-l.demon.co.uk
Cc: Full Disclosure
Subject: Re: [Full-disclosure] Microsoft Windows and *nix Telnet Port
NumberArgument Obfuscation

This has been known since Adam was a cowboy.

Well, this /is/ full-disclosure, no? Best to tell than to withhold.

And while I would hope that there aren't a rash of old-school
vulnerabilities blowing through the list, I, for one, was unaware that you
could specify telnet ports like that. I wouldn't be surprised if I'm not
alone. Now I'll know what's up if I ever see stuff like this.

Though it does worry me a bit that this came from a @cisco.com address.
Shouldn't they be kind of *YAWN* about all things networking?

--
Andy
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Nick FitzGerald

2005-06-10 00:47:11 UTC

Permalink

Richard John L Contractor 611 ACF/SCO to Arjan van der Velde:

[restructured to fix non-quoted, top-postingitis]

Post by Richard John L Contractor 611 ACF/SCO

Post by Richard John L Contractor 611 ACF/SCO
I like reading posts in here to learn from. It would be good not to be too
hostile against people asking questions you already know the answer for or
even have known it for ages already. If I were to ask a question I would
like to be educated or at least pointed in the right direction. Some replies
really discourage people from asking.

I agree with the individual below...some of us are still new to this
vulnerability thing (I for one) and appreciate lurking hear and taking it
all in...

["below" == "above" due to aforementioned top-postingitis]

Lurking and reading and "listening" and learning are all good things
and I applaud you all for doing them (in fact, that is mostly what I
get from F-D too). However, note that this is a vulnerability (and
exploit) disclosure list, not a "I just came across something vaguely
interesting I thought some of you may also be interested in" list
(there are, of course, FD-relevant discoveries that may fall from such
moulds, but most that do are not FD-relevant...).

Post by Richard John L Contractor 611 ACF/SCO
... as a matter of fact, I'd love to have the original poster,
re-post...I was talking to a few others who had no idea about this and
they'd love to see the article (which I'd deleted - for some reason???)

As it seems to be noob week, I'll try to learn y'all sumfin...

[To be red in a bad Southern drawl...]

1. Full-Disclosure iz won of them thar _mailin list_ thangs.

2. It's reel commin for mailin lists to _archive_ all messages posted
thru 'em.

3. It's just 'bout as commin for them thar archives to be on tha web
(tho you may hav to be a subscribed list membar to login an see 'em).

4. Many mailin lists are run by software what putz all manna of useful
mailin list-related infoz in tha heddaz of theer messages, commonly in
the form "List-*:".

5. Most list subscribaz wil have MUAz (no, not cowz) wot ar able to
display such special heddaz.

6. Compitint list subscribaz wil no what button to click to uz those
feechurz...

Regards,

Nick FitzGerald

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

V***@vt.edu

2005-06-10 14:23:19 UTC

Permalink

Post by Nick FitzGerald
2. It's reel commin for mailin lists to _archive_ all messages posted
thru 'em.

The problem is that quite often, "ancient history" isn't archived on the
mailing lists, because the history predates the start of the list's archive
by a decade or so. Pushing in on a decade since I first saw *this* one:

http://2130706433%example.com/your.url.here

(And yes, I know RFC1945 isn't a decade old yet. ;)

Maybe we need to take a hint from rec.humor.funny.reruns?