- Vuln: Mahara Resume Blocktype Cross Site Scripting Vulnerability
- Vuln: Mahara Admin Password Reset Security Bypass Vulnerability
- Vuln: Cisco VPN Client for Windows 'StartServiceCtrlDispatche' Local Denial of Service Vulnerability
- Vuln: HP OpenView Network Node Manager 'ovdbrun.exe' Denial of Service Vulnerability
- Vuln: PHP Versions Prior to 5.3.1 Multiple Vulnerabilities
- Vuln: KDE KDELibs 'dtoa()' Remote Code Execution Vulnerability
- Vuln: PEAR Sendmail 'From' Parameter Arbitrary Argument Injection Vulnerability
- Vuln: IBM Rational Products Multiple Cross Site Scripting Vulnerabilities
- Vuln: Drupal Gallery Assist Module Node Title HTML Injection Vulnerability
- Vuln: Drupal Printfriendly Unspecified HTML Injection Vulnerability
Rules & Regulations
GSO Rules & Regulations
Rules:
Thank you to dissolutions and the rest of the admin team for putting this together.
1) No Posting of warez/copyrighted content up to and including copyrighted source code.
2) Posting of IP addresses, email addresses, domains vulnerable hosts etc is strictly forbidden. When explaining you can utilize internal IP addresses, or syntax such as: 192.168.0.45, xxx.xxx.xxx.xxx, http://********.com
3) No How to hack questions or compiling requests, if you are asking with regards to specific break attempts the system must be yours or your company. If it is an unauthorized system owned by a third party, it is against the rules. Any how to hack questions, "How do I hack FTP V1000.4?" or "Can you hack SMTP V5743.23 for me?" questions will result in a warn point.
4) Extreme profanity is not allowed on this forum, there is a small censor running right now, We hope you can use common sense so we don't have to make it a large censor. As well member names shall not contain profanity, vulgarity or be insulting to others.
5) Spamming of any type will not be tolerated. If you are found at fault you will be warned and/or banned.
6) As of this time signature blocks can contain URLs to your own personal site. The size of your signature block should not be extreme as to attract from forum posts. Your signature cannot contain images.
7) Flaming, trolling and the likes is strictly prohibitted.
8) Multiple accounts are not allowed, if you are found at fault all faulting names will be banned and removed. This includes registering for friends, or saving a friends spot.
9) Anybody whose account has been compromised due to a weak password, their account will be reduced to trial member status.
10) ServU, IRC Bots, DDoS bots, Botnets, IRoffer requests, configuration files and how to set up questions are forbidden on the forum, However we greatly encourage the conversations regarding disinfection, the newest methods of scanning and prevention, virus signatures and output data files and the likewise to a more white hat approach onto this subject matter.
11) Posting one word replies such as "Thanks", will result in a warn point, multiple violations will result in suspension or removal. Posts should be based on quality not quantity.
12) Posting of virii without clearly labelling for everybody in the general public usage may know that it is virii is strictly prohibited. If you offend this rule your private information will be turned public, your ISP will be notified with logs and proof of such activivities.
13) Proxy listings should be of your OWN, if you are found copying lists you will be warned, multiple warnings will lead to banning.
14) Attacks on the forum, in any sense includes XSS, SQL injection anything that can be found to be malicious to the users of GSO or the server itself will be dealt with by banning, and the attacker's IP will be released to the wild, while their ISP will be notified.
15) NO signature Images (amended 23/10/2006)
16) NO sites advertised in signatures unless you are the admin or domain registered owned , we do NOT tolerate spamming
General good behavior:
1. Posting research that you have done a certain exploits as to how they work, or how they are performed.
2. The posting of virus information or code, this leads to see great discussion and is encouraged.
3. The posting of Internet resources that may help other users in request for additional knowledge. Please refer to our spam rules on how do this properly.
4. The posting of procedures used when performing a security audit is a great resource and helps out many of the professionals that view the site.
5. Searching before you post as to prevent duplicate threads.
Warn points, the warn bar and the warning system
The warn bar is on every member. Each member starts with 0%. As you are warned you percentage increases in increments of 10%. For those having a warned percentage of 30% or more will face administrative punishment. This is to help moderators and administrators to discerning who is to be promoted etc. But also for users as an arrow in a large quiver of options in deciding wether a source is reputable, trustworthy and safe to follow. [BN says: All warn points and the bar itself are, uhhh, only seen by admins & mods.]
Removing Warning Points
if you received a warning ...you can ask the admin team member to review your status after 3mths to remove the warning providing you have NOT received more than one warning.... please contact the team member who gave you the warning
if you have been warned several times... the 3mth period dont apply to you ...its then up to the admin team member discretion regarding your conduct and status
User Ranks/User Groups:
There are 3 public usergroups:
i. Trial Members (Black)
-This is the usergroup you are immediately put into as you register, you'll have to post until you are sponsored by somebody of the specialist group or a moderator/admin. Trial Members have limited access to the forum, such as not being able to start a thread except for in forum title "Trial Member Forum", a delay between postings, unavailability of file downloads nor can Trial Members upload files. They are restricted from the Exploit Sections as well as the File Download sections.
ii. Members (Blue)
-This is the common usergroup, people who have met the standards of a mod/admin or Specialist, are upgraded here, they have full access to the forum.
iii. Specialist (Purple)
-This is a special position in the usergroup ranking, you need to be sponsoured by a mod/admin to become nominated, and than a local vote is tallied. They have full access to the forum.
Private usergroups:
Administrators (Red)
Moderators (Green)
Member Ranking: Post count no longer affects member ranking. Rank is determined by quality alone.This is solely based on post count, it doesn't reflect anything of knowledge or level of expertise.
