GOBBLES-01.txt
Heap overflow in gzip which can be remotely exploited via ftp conversions to gain root access through various ftp daemons.
md5sum: 14f285b547846aa19db2bdaf111dedf9
GOBBLES-02.txt
Off-by-one overflow in Acme.com's "secure" webserver thttpd that theoretically would allow a remote attacker to gain the privilages of the system user that the daemon runs as.
md5sum: de16d4ead945caf003523e92048a90f8
GOBBLES-03.txt
Remotely exploitable condition in Berkely's finger that allows an attacker to execute any commands they want with the privilages of the webserver.
md5sum: 36f82d8026484339038127f6ed92f5e0
GOBBLES-04.txt
Yahoo! Messanger uses insufficient encryption measures which allow a "captured" encrypted password to be replayed for authentication.
md5sum: 4ceab793ffe8e472272c8848279e3585
GOBBLES-05.txt
Information leak bug in Netscape Mail that allows a penetrator to determine the system login name of the user, which may vary from the account name from the email address.
md5sum: 7ed1ff95ddc1f91aecdc5254dcc9571e
GOBBLES-06.txt
Unencrypted infrared communications between Hewlett Packard calculators might can be intercepted by a third party, leading to vital trade secrets being stolen. This exceeds the level of @stake's PDA research.
md5sum: bf1564f46238420d4b8e978fb91c2c39
GOBBLES-05.9.txt
Revised version of #6, tailored to be suitable for The Blue Boar's mailing list.
md5sum: 3acc3d8220050c2ee32d89af207e9e95
GOBBLES-07.txt
Bufferoverflow in Roxen's libraries cause multiple insecurities.
md5sum: 0c20c39bfb7ef4d3b6b2754bce87c624
GOBBLES-08.txt
Directory traversing bug in socalled secure "AntiWeb" webserver.
md5sum: 1c2bcbb8c4d074b36812bed551c34edd
GOBBLES-09.txt
Insufficient logging in OpenSSH's sftp implementation allows "stealth" browsing of a filesystem.
md5sum: d4359c902bc1645c02b35509b1c867b3
GOBBLES-10.txt
Local format string in runas yields local root access to anyone with permissions to execute runas, whether or not runas is configured for that user or not.
md5sum: 469c49e061e207f17f63636c366634ed
GOBBLES-11.txt
Local root hole in "super sniffer" Ettercap. This advisory began a long period of drama between the Ettercap authors (self proclaimed hackers) and GOBBLES Security members. It's self evident as to who came out on top.
md5sum: ddb3503ad498831f40b2cc016e75f343
GOBBLES-12.txt
Remote root hole in Ettercap. Yeah, they tried to mock us for this one too, but hey -- it worked. It also has a lame bug in it, that jnathon tried to mock us for, but he's an OpenBSD developer that doesn't really know much about programming anyways, let alone secure programming. Jeff, we hate you and your boyfriend Theo. ;PppPPPppPPppp
md5sum: 61979b9bfea828c885e19775af111d64
GOBBLES-13.txt
Local root hole in FreeBSD port package wmcube-gdk, which is setuid kmem. Exploitation allows kernel memory to be read, which makes elevating privilages further to root a trivial task.
md5sum: 5974d9fe4620d078a3e891d81533dada
GOBBLES-14.txt
Webmin "man" module allows a remote attacker to gain root privilages on a vulnerable server.
md5sum: 7010e1768e493057640c65710cea6b69
GOBBLES-15.txt
mod_brainfuck overflow that will blow your mind.
md5sum: 0c3bf9039d33900ac921db9f65bc943a
GOBBLES-16.txt
Platform / distribution local root hole in all versions of the Linux Kernel due to incorrect permissions in source tarball. We were laughed at for this one too.
md5sum: c6b147d8c76136e2aff734d38472b474
GOBBLES-17.txt
Remote root hole in Perdition, a popular mailserver, even used by our beloved Tracy from mp3.com.
md5sum: da52ed7ec6dac2933f7a03f646114f42
GOBBLES-18.txt
Multiple remote holes in Cherokee Webserver.
md5sum: 2442000ef9092bc4d865c3d86c39deda
A few advisories are missing. We were "moderated" and not allowed to post to various mailing lists for a while, so we decided to not publish any of the materials discovered during this period, including preauthentication OpenSSH bug(s), remote Apache bug(s) [hi ISS, how's it feel to follow the leader?], and various rpc exploits. Think we're bluffing?
GOBBLES-31.txt
Remote preauthentication format bug in popular network monitoring tool NTOP.
md5sum: f173dd6ffe7f39d7ba538522df93de8f
GOBBLES-32.txt
Remotely exploitable format bug in rpc.walld, which affects all default installations of Sun Solaris 6-8, and possibly others. We achieved much fame from this publication.
md5sum: bd7d19e99a3969b15042f1c09aee4174
GOBBLES-33.txt
The next generation in Cross Site Scripting.
md5sum: 73a0bd6fbf15fb113c5d0dac6d83bf7a
GOBBLES-34.txt
Local root comprimise via GNU screen. Author refuses to patch he software.
md5sum: c54d9ab2bfc54d68cd5f0144d4597982
GOBBLES-35.txt
Multiple Vendor Remote talkd Vulnerability, this was initially discovered by K2/antisec and researched by jimjones/antiSec when it was fully disclosed to the public by K2 with OpenBSD (Theo doesn't want to admit that it actually was remotely exploitable, hehehe, at least ADM finally got their way with OpenBSD and broke OpenBSD's default security claim, hehe, GOBBLES did this long ago but Theo won't admit to it!).
md5sum: 64a35dd7404e36e20601a39d0169e795
GOBBLES-36.txt
Remote stack overflow in IRCit IRC client, may be similar to the bug that doug sniff claims comprimised monkey.org.
md5sum: 0bcc173b37a36d71fbd184013852ab0e
GOBBLES-37.txt
Backdoor/remote overflow in some .kr guy's MSN sniffer.
md5sum: 28bc8f5945491afa5491892f7a87bc94
GOBBLES-38.txt
.kr guy tries to pretend there isn't a backdoor, and claims his code is perfect. GOBBLES saves the day again.
md5sum: 44bc883091dcd59b75071d90ac3e2e95
Historical
The GOBBLES CGI Marathon
Full Disclosure effort quickly killed by Dave Ahmed and The Blue Boar.
GCGIM-001.txt
Issues with Adrotate Pro.
md5sum: 8ed2cc402a4fe091c69b81756031dc28
GCGIM-002.txt
Issues with Adcycle.
md5sum: 0e0c2e4c6f8c30b83a25d86ad7fe9d65
GCGIM-003.txt
Issues with Adstreamer.
md5sum: 0ddce74f3516a9f34e77fa8cf8ade086
GCGIM-004.txt
Issues with QwikAd.
md5sum: 795ead4870df2715564e3fca2e60bf1b
back to main.