---------- Forwarded message ---------- Date: Fri, 22 Dec 2000 17:45:49 -0600 From: "NetW3.COM Consulting" To: BUGTRAQ@SECURITYFOCUS.COM Subject: Massive Vulnerabilities Discovered SERIOUS VULNERABILTY AFFECTS ALL VERSIONS OF UNIX AND WINDOWS A serious vulnerability has been found in all versions of Unix and Windows. This problem most likely affects all other systems as well. It has been found that computer systems must be physically moved prior to installation at a computing facility. Moreover, when these systems are transported, they are usually moved at some point by human beings. Obvious insecurity Inc. has found that a serious DOS attack can be waged on these systems when attackers stand on top of a building high above the area where a system is being moved at the proper time interval. The attackers toolkit consists of a long range flamethrower, a large sledgehammer, and concussion grenades. If the attacker has perfect timing, they may drop the sledgehammer/light the flamethrower/drop the grenade onto the target system in question, thereby creating a DOS condition. This scenario can be spread easily through a coordinated attack, but this has yet to be seen in the wild. Vendors have been notified 1.5 minutes ago, but have so far proven that they are incompetent by not releasing patches or sending a reply to our email. Therfore, in the interests of full disclosure, we are making these shocking results public, since YOU have a right to know. This earth shaking, trend setting vulnerability has been discovered by Obvious Security Inc. We hope to overwhelm bugtraq and the other lists with our skills so we can make more money and have more prestige in the computer security industry. Remember - "Just because it's right in your face, does not mean that it's obvious". Obvious Security Inc. Bulletin #2600