[prev in list] [next in list] [prev in thread] [next in thread]
List: best-of-security
Subject: BoS: (fwd) Re: **$10,000 Internet Security Challenge**
From: Julian Assange <proff () suburbia ! net>
Date: 1995-11-20 22:34:53
[Download RAW message or body]
Path: core.apana.org.au!goanna.cs.rmit.EDU.AU!news.rmit.EDU.AU!harbinger.cc.monash.edu.au!yarrina.connect.com.au!munnari.OZ.AU!spool.mu.edu!pravda.aa.msen.com!cssun.mathcs.emory.edu!swrinde!tank.news.pipex.net!pipex!news.mathworks.com!newsfeed.internetmci.com!in2.uu.net!news.alias.net!not-for-mail
From: ghio@netcom.com (Matthew Ghio)
Newsgroups: alt.2600.hackerz,alt.2600,alt.cracks,comp.security.misc
Subject: Re: **$10,000 Internet Security Challenge**
Date: 17 Nov 1995 09:48:59 -0800
Lines: 32
Message-ID: <48ihubes@news.alias.net>
References: <48cm6q$dov@uiah.fi>
Xref: core.apana.org.au alt.2600:14677 alt.cracks:1201 comp.security.misc:4350
In article <48cm6q$dov@uiah.fi>, Samu Mielonen <ace@tidbits.com> wrote:
>Caught this from the latest TidBits:
>
> ---- BEGIN INCLUDED MESSAGE ----
>
>
>**$10,000 Internet Security Challenge** -- I wrote about the
> WebMaster Macintosh security challenge back in TidBITS-295_ and,
> as expected, no one was able to break WebSTAR's security and claim
> the prize of free passes to the WebEdge conference. Now the stakes
> have increased. Seven companies - StarNine, EveryWare, Maxum,
> ComVista Internet Solutions, WebEdge, Digital Forest, and Westwind
> Computing - have joined forces to offer a more lucrative prize of
> $10,000. The new challenge is similar: you must break WebSTAR's
> security to find information that's isn't available to the public
> and report it by midnight on 30-Nov-95. Check out the rest of the
> details online if you are interested. [ACE]
>
>http://challenge.comvista.com/
>
> ---- END INCLUDED MESSAGE ----
>
>Any takers? :)
Well, I don't know about breaking the password, but it was remarkably easy
to crash their server by sending it a too-long GET request. Seems like it
would be possible to drop some code on the stack with this. Unfortunately
my 680x0 skills are a bit weak, so I won't be claiming the prize.
Although I expect that they will fix this bug now that they have to reboot
their machine, it does not bode well for their security...
--
+----------------------------------+-----------------------------------------+
|Julian Assange | "if you think the United States has |
|FAX: +61-3-9819-9066 | has stood still, who built the largest |
|EMAIL: proff@suburbia.net | shopping centre in the world?" - Nixon |
+----------------------------------+-----------------------------------------+
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic