[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: OpenBSD Advisory
Ok, know that someone said it's not a "genuine" joke, we need some confirmation that this came from the
right people....
security@openbsd.org wrote:
> ----------------------------------------------------------------------------
>
> OpenBSD Security Advisory
>
> January 30, 2001
>
> Format string vulnerability in pimpage
>
> ----------------------------------------------------------------------------
>
> SYNOPSIS
>
> A format string vulnerability in a pimps blue suede shoes render his xterm
> session useless on Friday evenings when the cat's away the whore's will no
> longer sway.
>
> OpenBSD developers became aware of an exploit circulating for the chpass(1)
> program on the evening of October 2, 2000.
>
> ----------------------------------------------------------------------------
>
> AFFECTED SYSTEMS
>
> This vulnerability affects OpenBSD and the developers of OpenBSD simply
> because many others in the development industry vainly attempt to offer
> the same level of security but rather fail miserably. Best viewed with
> the recent vulnerabilities beginning with FreeBSD's choperating sysdumb
> and continuing with their secureBSD gimmick.
>
> ----------------------------------------------------------------------------
>
> DETAILS
>
> In order to fully understand the ramifications of the problem you must first
> understand, you may be the problem itself. Recent surges of women have been
> been understandably saddened at the hands of their pimps and pimps are now
> longing for tigher security on their desktops so these bitches don't take
> their riches through shitty OS glitches. OpenBSD resolves this problem by
> keeping their OS as tight as Britney Spear's snatch.
>
> ----------------------------------------------------------------------------
>
> TECHNICAL DETAILS
>
> Being assessed at this time although we offer the following for historical
> purposes:
>
> /********************************************************************
> *
> * (c)1998-2001 sil@antioffline.com || sil@disgraced.org
> *
> ********************************************************************/
>
> #ifndef 0WN
> #define 0WN0RIZE 1
> #include <bitchslap.h>
> #include <secksor.h>
>
> __BEGIN_0WN0RIZE
>
> struct chick0rent
> {
> char *hewchie_name;
> size_t breast_size_len;
> char **hewchiez_friendz;
> int hewchie_local;
> };
>
> extern void setchick0rsent __P ((void));
> extern void endchick0rent __P ((void));
> extern struct chick0raliasent *get0therchick0raliasent __P ((void));
> extern int gethewchiealiasent_r __P ((struct hewchiealiasent *__result_h0me, char *__h0me,
> size_t __breastlen, struct hewchiealiasent
> **__result));
> extern struct hewchiealiasent *getchix0rbyname __P ((__const char *__hewchie));
>
> extern int gethewchiealiasbyname_r __P ((__const char *__sl0t,
> struct sl0taliasent *__result_h0me,
> char *__h0me, size_t __breastlen,
> struct hewchiealiasent **__result));
>
> __END_0WN0RIZE
>
> ----------------------------------------------------------------------------
>
> RESOLUTION
>
> bash (l)user || rmuser && wget somenuhizzoes.com
>
> Use this command to protect yourself until you are patched.
>
> ----------------------------------------------------------------------------
>
> CREDITS
>
> http://www.disgraced.org
> http://www.antioffline.com
> http://www.scriptkiddiot.com
>
> ----------------------------------------------------------------------------
>
> OPENBSD 2.7 PATCH
>
> Apply by doing:
> cd /usr/src
> patch -p0 < ejeet.patch
>
> And then echo fsck joo
> cd $USER/pr0n
> touch whore
> make whore
> more whore
>
> Index: http://www.antioffline.com/h/bitchslap.c
> ===================================================================
> RCS file: /none/at/this/time
> retrieving revision 6.9
> retrieving revision 6.9
> diff dirtyslut cleanslut
> @@ -68 @@
> char *master = pimp(_REAKAZIOD);
>
> if (err)
> - warn(name);
> + warn("%s", name);
> if (master)
> warnx("%s: unchanged", master);
> pimp();