www.cyberslayer.co.uk
Home
#
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z



Please E-mail Cyberslayer.co.uk.

OK, we admit it this is a honeytrap. Sorry if your joke is on this website but it brings in a huge amount of S|P|A|M everyday which can then be used as a template to filter e-mails.

D|O| |N|O|T| |S|E|N|D| |A|N|Y| |E|-|M|A|I|L|S| |T|O| |T|H|I|S| |A|D|D|R|E|S|S| |T|H|E|Y| |W|I|L|L| |A|L|M|O|S|T| |C|E|R|T|A|I|N|L|Y| |B|E| |F|L|A|G|G|E|D| |A|S| |S|P|A|M|.|

You can however read and enjoy these jokes.
 

 CERT Advisory, CYBERSLAYER.co.uk - jokes 


 =======================================================================
 CERT(sm) Advisory CA-96.13
 July 4, 1996

 Topic: ID4 virus, Alien/OS Vulnerability

 -----------------------------------------------------------------------

 The CERT Coordination Center has received reports of weaknesses in
 Alien/OS that can allow species with primitive information sciences
 technology to initiate denial-of-service attacks against
 MotherShip(tm) hosts.  One report of exploitation of this bug has
 been received.

 When attempting takeover of planets inhabited by such races, a trojan
 horse attack is possible that permits local access to the MotherShip
 host, enabling the implantation of executable code with full root
 access to mission-critical security features of the operating system.

 The vulnerability exists in versions of EvilAliens' Alien/OS
 34762.12.1 or later, and all versions of Microsoft's Windows/95.
 CERT advises against initiating further planet takeover actions until
 patches are available from these vendors.  If planet takeover is
 absolutely necessary, CERT advises that affected sites apply the
 workarounds as specified below.

 As we receive additional information relating to this advisory, we
 will place it in

         ftp://info.cert.org/pub/cert_advisories/CA-96.13.README

 We encourage you to check our README files regularly for updates on
 advisories that relate to your site.

 -----------------------------------------------------------------------

 I.    Description

       Alien/OS contains a security vulnerability, which strangely
       enough can be exploited by a primitive race running the Mac/OS.
       Although Alien/OS has been extensively field tested over
       millions of years by EvilAliens, Inc., the bug was only
       recently discovered during a routine invasion of a backwater
       planet.  EvilAliens notes that the operating system had never
       before been tested against a race with "such a kick-ass
       president."

       The vulnerability allows the insertion of executable code with
       root access to key security features of the operating system.
       In particular, such code can disable the NiftyGreenShield (tm)
       subsystem, allowing child processes to be terminated by
       unauthorized users.

       Additionally, Alien/OS networking protocols can provide a
       low-bandwidth covert timing channel to a determined attacker.


 II.   Impact

       Non-privileged primitive users can cause the total destruction
       of your entire invasion fleet and gain unauthorized access to
       files.


 III.  Solution

       EvilAliens has supplied a workaround and a patch, as follows:

       A. Workaround

          To prevent unauthorized insertion of executables, install a
          firewall to selectively vaporize incoming packets that do
          not contain valid aliens.  Also, disable the "Java" option
          in Netscape.

          To eliminate the covert timing channel, remove untrusted
          hosts from routing tables.  As tempting as it is, do not use
          target species' own satellites against them.


       B. Patch

          As root, install the "evil" package from the distribution
          tape.

          (Optionally) save a copy of the existing /usr/bin/sendmail
          and modify its permission to prevent misuse.



----------------------------------------------------------------------------
 The CERT Coordination Center thanks Jeff Goldblum and Fjkxdtssss for
 providing information for this advisory.

----------------------------------------------------------------------------

 If you believe that your system has been compromised, contact the
 CERT Coordination Center or your representative in the Forum of
 Incident Response and Security Teams (FIRST).

 We strongly urge you to encrypt any sensitive information you send by
 email.  The CERT Coordination Center can support a shared DES key and
 PGP. Contact the CERT staff for more information.

 Location of CERT PGP key
          ftp://info.cert.org/pub/CERT_PGP.key

 CERT Contact Information
 -------------------------
 Email    cert@cert.org

 Phone    +1 412-268-7090 (24-hour hotline)
                 CERT personnel answer 8:30-5:00 p.m. EST
                 (GMT-5)/EDT(GMT-4), and are on call for
                 emergencies during other hours.

 Fax      +1 412-268-6989

 Postal address
         CERT Coordination Center
         Software Engineering Institute
         Carnegie Mellon University
         Pittsburgh PA 15213-3890
         USA

 CERT publications, information about FIRST representatives, and other
 security-related information are available for anonymous FTP from
         http://www.cert.org/
         ftp://info.cert.org/pub/

 CERT advisories and bulletins are also posted on the USENET newsgroup
         comp.security.announce

 To be added to our mailing list for CERT advisories and bulletins,
 send your email address to
         cert-advisory-request@cert.oem

 Copyright 1996 Carnegie Mellon University

 This material may be reproduced and distributed without permission
 provided it is used for noncommercial purposes and the copyright
 statement is included.

 CERT is a service mark of Carnegie Mellon University.



# | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z
Top