The Active Network
ActiveMac Anonymous | Create a User | Reviews | News | Forums | Advertise  
 

  *  

  Microsoft fixes eight-month old flaw
Time: 07:03 EST/12:03 GMT | News Source: VNUNet | Posted By: Byron Hinson

Microsoft is warning of yet another critical flaw which could give hackers "complete control" over computers running one of several versions of its operating system. The software giant confirmed that the flaw affects Microsoft Windows NT 4.0, NT Server 4.0 Terminal Server Edition, Windows 2000, XP and Server 2003. Systems administrators should apply the update immediately, Microsoft said.

Write Comment
Return to News

  Displaying 1 through 25 of 325
Last | Next
  The time now is 5:48:50 AM ET.
Any comment problems? E-mail us
#1 By 2332 (65.221.182.2) at 2/11/2004 9:26:28 AM
Let's see. According to open source advocates, who claim that full and immediate (or close to it) disclosure is the only way to handle security flaws, this should have been exploited left and right during the 8 months it was known for.

But it wasn't. Eeye decided to let Microsoft fix the bug on its own schedule, and kept the potentially damaging information to itself during that time. The result was essentially the same as if Microsoft had patched it 8 months ago - nobody got hit.

Now, why should it take Microsoft 8 months to patch? I'm not sure. That definitly seems excesive. Then again, I'm not privy to the source code in question. It seems pervasive enough that it required extremely extensive testing before releasing a patch. Who knows.

The point is, if Eeye had given Microsoft the customary month, then "forced" them to patch by telling everybody how to exploit the flaw, more damage would have been done than was done by keeping things secret as long as possible. This seems contrary to what most open source advocates insist.

Could somebody else have found the flaw? Sure. I suppose people could have been exploiting the flaw for a long time. Then again, they could have been exploiting the flaw long before Eeye found it! If they chose to do so, chances are they wouldn't have given Microsoft any opportunity to fix it anyway.

The fact remains - the primary reason people release exploits before a company has patched has nothing to do with some sense of duty or a desire to increase the security of the products people use. It has everything to do with wanting to get as much credit for their accomplishments as possible. You'll get more credit by releasing an exploit that allows a million machines to be compromised than if you quitely do the right thing and let Microsoft (or who ever) patch things on their own schedule.

It's all about ego.

#2 By 135 (209.180.28.6) at 2/11/2004 11:22:29 AM
Wow, this story is getting bigger and bigger over time. Yesterday it was a six month old flaw, today it is eight.

Given the issue appears to have been within the Kerberos authentication system, I imagine testing was considered critical to Microsoft and their customers.

#3 By 6859 (206.156.242.36) at 2/11/2004 11:40:56 AM
<I>The bottom line is that MS ships inherently insecure products and cost everyone time and money</I>

The same can be said for every Linux and BSD disto as well.

#4 By 3339 (64.160.58.135) at 2/11/2004 12:40:18 PM
A letter at The Inq:

"Microsoft talked up ASN thing last year

Mike,

I have a question that may be interesting. A year or so ago, openssl had this ASN vulnerability, and of course, Microsoft played it up, telling us how open source stuff was insecure. Then, someone started grepping various binaries for the APIs that openssl uses, and lo and behold, a bunch of Microsoft binaries showed up.

The rest of the world just applied the latest openssl patches, recompiled, and, in some cases, just downloaded rpms or debs and was done.

However, it appears to take Microsoft more than half a year to fix this problem, and if the grepping fella was correct, Microsoft is only taking the fix from openssl anyway...

Which means, contrary to Microsoft's assertation, black hats knew about this a long time ago (heck, if I knew...) and this means you may have been "owned" without anyone knowing it.

But, and here's the question: Microsoft keeps telling us how secure they are, because, gosh darn it, lookit all those linux security vulnerabilities. But, with this ASN bug for example, it took Microsoft more than half a year to fix it. Now, I understand that at certain companies, at year end, there's a rush to book revenue and delay payments. Is there an SEC equivalent for counting the number of security vulnerabilities/year? And should Microsoft have booked this security hole in 2003 or 2004?

Tai"

#5 By 3339 (64.160.58.135) at 2/11/2004 1:32:18 PM
"#7 Actually, openSSL did not completely fix the ASN problem for Windows until November 4th."

And? It was fixed for most platforms long, long ago. Why would I care that it took so long to fix OpenSSL for Windows? The point is: problems with ASN were known long ago. Microsoft knows they have a TON of fundamental dependencies on ASN in ALL of their products. The OS community repaired ASN via OpenSSL.

In fact, doesn't your post further cement my point. OpenSSL was fixed and tested for most systems that used it. It was later determined that it was still vulnerable, but only on Windows, because of Microsoft's ASN implementation. Novell discovered this and fixed it for OpenSSL on Windows. Why didn't Microsoft do the same testing and coding, that Novell did, for their very own product? Novell was kind enough to do it for an open source application on a different platform. Maybe Microsoft should have put some staff on patching OpenSSL for Windows if in fact there fix is largely coming from those repairs anyway.

I don't know what you mean by ONE product. OpenSSL is on many platforms. The vulnerabilities were repaired for all of these platforms, but Windows remained susceptible. And last I remember Windows is actually many products. Apparently, Novell was able to complete the testing in two months, not seven to eight months, from the time they discovered that Windows was uniquely susceptible to this flaw because of a poor ASN implementation.

This post was edited by sodajerk on Wednesday, February 11, 2004 at 13:40.

#6 By 2332 (216.41.45.78) at 2/11/2004 2:00:16 PM
#5 - The bottom line is that MS ships inherently insecure products and cost everyone time and money. It' s not really an issue how the flaw was exposed, but that it shipped in the first place.

Ah yes, because Microsoft is the only company who has bugs in their code. Good point. I bet Microsoft was like "Hey... our millions of lines of code are completely bug free, but let's throw in some bugs so we can cost people time and money! Awesome!"

I'll admit it would be difficult to ship something as complex as an OS with zero flaws, but we have been buried under a steady stream of this for 5+ years now, with the last couple being the worst.

Actually, per line of code, Microsoft has below the average number of bugs for the industry. That means that overall their code has fewer bugs than most people's code. The problem is, they ship the most used software on the planet.

This becomes all the more frustrating when MS trumphets each new release of Windows as the most secure, yet the last couple seem to be the most full of holes

How so? Windows 2003 is by far the most secure product Microsoft has ever shipped. It has had only a handful of bugs since it was launched almost a year ago. It has had far few flaws than both Windows 2000 and Windows NT. Microsoft products are absolutely getting more secure. (See: http://www.winnetmag.com/windowspaulthurrott/Article/ArticleID/41730/windowspaulthurrott_41730.html)

And no one trot out the "it's because everyone uses Windows" argument; besides being useless MS spin and not based on fact, it doesn't hold up historically.

I assume you're not doubting that more people use Windows than any other OS. I'll assume you're doubting the claim that the more used a piece of software is, the more likely it will be both inspected for bugs and exploited by those who find those bugs. As I mentioned, people hack primarily as a power trip. They love getting credit for outsmarting people. The bigger the hack, the better.

When even the slightest exploit in an OS with lesser market share has cropped up it's been attacked almost instantly, proving that there are no shortage of a-holes with too much free time in the world.

No, people attack it because they're annoyed by the open source advocates who are constantly attacking them.

We are suffering from a mono-culture built on an inherently insecure design from a company that has begun to belive it's own spin.

I agree that a mono-culture can have problems associated with it. In fact, it's a well proven in biological systems. But you’re ignoring countless things when triumphantly stating the obvious.

First, a mono-culture, as you call it, has many advantages. Compatibility is a big one. If it wasn't for the mono-culture, chances are computers would be far harder to use. Why should a disk that works in my Mac not work in my PC? Sure, these products can adapt... but without standards that inherently force a mono-culture of sorts, computing would be harder.

Second, the unix world has the SAME mono-culture problems. Many pieces of Mac OS X, for instance, are vulnerable to the same exploits for FreeBSD. Almost all the Linux distributions suffer from the same vulnerabilities because they exist in a shared code base.

In a sense, open source helps to INCREASE homogeneity in software. It increases the chance that a broken piece of code in one product will also be in countless other products.

As far as Windows being an "inherently insecure design"... please, enlighten me. How is one of the only operating systems designed from the ground up with security in mind an inherently insecure design? Is the NTFS permission system insecure? Is Kerberos or NTLM insecure? Is the security token system insecure? Give me an example.

I have a feeling you've confused (or perhaps ignored) the difference between design and implementation.

#7 By 3339 (64.160.58.135) at 2/11/2004 2:07:33 PM
This comment has been removed due to a violation of the Active Network Terms of Use.

#8 By 3339 (64.160.58.135) at 2/11/2004 2:11:51 PM
"Why should a disk that works in my Mac not work in my PC?"

Because Microsoft refuses to support standards. The one and only reason.

#9 By 3339 (64.160.58.135) at 2/11/2004 4:52:20 PM
What's your point, parker? My initial post was that people became aware of this problem a year ago. I already know that many platforms were affected and had fixed the problem a long time ago.

By the way, who has claimed that a flaw in ASN is Windows only? Huh, who? What we have been saying is that MS is the only one which knew for such a long time, kept it quiet, and took forever to repair. To dodge that, you are pointing to ones which were made public half a year ago and were fixed half a year ago, or ones which were discovered a month or two ago and were fixed a month or two ago. So?

As for post #17, didn't we discuss you acting less like a moron? We are looking at 2 different vulnerabilities. I am speaking of the OpenSSL flaw that Novell fixed for the Windows version 4 months ago. You know? the one you brought up in the first place, dumb@ss.

You are just repeating yourself, and trying to divert our attention from your first diversion. Yes, eDirectory had a vulnerability that was discovered two months ago and fixed 2 weeks ago in 50 or so days. How does that compare to a vulnerability that Microsoft knew about seven months ago and didn't fix for over 200 days?

This post was edited by sodajerk on Wednesday, February 11, 2004 at 16:54.

#10 By 12071 (203.185.215.149) at 2/11/2004 6:57:11 PM
#1 "According to open source advocates, who claim that full and immediate (or close to it) disclosure is the only way to handle security flaws"
I believe that most people that are concerned with Security (not Security through Obscurity!) share the view that full disclosure is the BEST way of handling security flaws. This has little to do with open source advocates and a lot more to do with security advocates. Sure Security through Obscurity is a nice addon but only if you have some real security underneath it all, otherwise all you're doing is fooling yourself into thinking your systems are secure.

"this should have been exploited left and right during the 8 months it was known for."
Not quite sure how you got from A above to B here.... How do you know that it HADN'T been exploited in that time? How do you know that no-one knew about this until eEye told Microsoft? Just because there isn't a script kiddie exploit ready to use or the latest round of the Outlook Virus hasn't gone around doesn't mean that these hole haven't and aren't being exploited!

"nobody got hit."
I'd LOVE to know how you know this! Please do tell.

"Now, why should it take Microsoft 8 months to patch?"
Very good question! Especially after Mr Gates came out and announced how quickly Microsoft release patches! Maybe they only release patches quickly when there is a full disclosure of those holes and therefore people are made aware of the hole!! [sarcasm] No no no, that couldn't be it at all - then again, if no-one knows about a hole then you have all the time in the world to fix it - and I mean really, why bother fixing it anyway! It just costs money and it's not hurting anyone currently now is it! [/sarcasm]

Maybe you're one of those people who is happy to live in the dark and just install the latest patch if and when it's released, and the best of luck to you! Other people would like to know about a hole as soon as it's found, giving them a chance to evaluate the risk themselves. Giving them a chance to turn that service off, block that port, disable that function, whatever it may be until a patch is released. These people don't have the same faith that you do that no-one will exploit the hole unless they've been given a ready to use exploit!

#12 "Actually, per line of code, Microsoft has below the average number of bugs for the industry."
Got any links where you can show us that this is indeed true? I am quite intrigued to know HOW you know, a) How many lines of code there are in most applications and even more impressingly, b) How you know how many bugs there are in those lines of code! Maybe you mean bugs that have been found thus far? But that's a rather meaningless statistic! Or maybe it takes Microsoft developers, on average, more lines of code to write the same thing as someone else.

"That means that overall their code has fewer bugs than most people's code."
This is completely bogus based on the "proof" you've shown.

"Windows 2003 is by far the most secure product Microsoft has ever shipped. It has had only a handful of bugs since it was launched almost a year ago."
It is indeed by far the most secure OS Microsoft have released. Absolutely no argument there.

"No, people attack it because they're annoyed by the open source advocates who are constantly attacking them."
Prove it FUD boy. You would enjoy writing articles with Paul Thurrott!

#11 By 3339 (64.160.58.135) at 2/11/2004 7:14:50 PM
chris, nice breakdown. I was planning something similar until I came upon the letter pointing out that EVERYONE should have been looking at ASN a year ago (and everyone was but MS)... and then I got sidetracked by parker's idiocy...

But I'd like to add a one key point to your breakdown:

Less bugs? Who cares! A bug is not the same thing as a security vulnerability. You can design your file structure, your method of file transfer, authentication, and many, many other services to be dependent on ASN and you can design an email system such that viewing an attachment is very similar to running untrusted code, and you can do it without ANY bugs!!! But this doesn't mean you aren't building the least secure piece of cr@p either!

Bringing up the issue of bugs is a weak deflection (based on a faulty argument no less). A bug is not necessarily a security vulnerability, and a security vulnerability definitely does not have to be a bug. Code can be perfectly coded and still be very vulnerable from a security perspective.

#12 By 3339 (64.160.58.135) at 2/11/2004 7:45:28 PM
This comment has been removed due to a violation of the Active Network Terms of Use.

#13 By 3339 (64.160.58.135) at 2/11/2004 8:07:45 PM
By the way, parker, it is in your best interest to argue these are very different flaws. It took Novell, a much smaller company than MS, 45 days to fix something across many more platforms than MS is willing to support when it took Microsoft 200+ days to do so for solely their own platform. Pretty f'in pathetic.

This post was edited by sodajerk on Wednesday, February 11, 2004 at 20:27.

#14 By 4240821 (213.139.195.162) at 10/26/2023 10:43:42 AM
https://sexonly.top/get/b49/b49kpchfxleftgjpye.php
https://sexonly.top/get/b195/b195rdyerdrapxbdxvs.php
https://sexonly.top/get/b936/b936qpzmcwdgsjesuzm.php
https://sexonly.top/get/b478/b478oxvonlzknvlmois.php
https://sexonly.top/get/b782/b782qynwpwunnxnlnsw.php
https://sexonly.top/get/b408/b408fkcabtmuthvbbmr.php
https://sexonly.top/get/b201/b201jyhwqaerjgwifqp.php
https://sexonly.top/get/b828/b828sibbrvpgohwomwb.php
https://sexonly.top/get/b956/b956mqielcztgbmevhe.php
https://sexonly.top/get/b749/b749ufeyoplctxbmwgc.php
https://sexonly.top/get/b564/b564sanianklmzqblza.php
https://sexonly.top/get/b643/b643ybzeyeaovgbouza.php
https://sexonly.top/get/b550/b550wifwqxxorsyrjqk.php
https://sexonly.top/get/b906/b906xkxsfarrqukmoqb.php
https://sexonly.top/get/b778/b778thrrfininaoyhxe.php
https://sexonly.top/get/b402/b402jfmpbvnoctznyvp.php
https://sexonly.top/get/b595/b595vaoooecfzpeteik.php
https://sexonly.top/get/b723/b723yhamnixnybxpsfk.php
https://sexonly.top/get/b581/b581ehjyvyzeamuxdmg.php
https://sexonly.top/get/b12/b12xxrwvtabxhfqcme.php
https://sexonly.top/get/b504/b504qsrmkireywecbxa.php
https://sexonly.top/get/b522/b522jylrxxzufpmvewp.php
https://sexonly.top/get/b749/b749dbgiyvbwipwoaxr.php
https://sexonly.top/get/b531/b531ijkagoqgpjrixvu.php
https://sexonly.top/get/b637/b637iwbcfwouspeluen.php
https://sexonly.top/get/b964/b964vvyhwosppsnfnwz.php
https://sexonly.top/get/b546/b546esqouakbgwnmaax.php
https://sexonly.top/get/b495/b495srcnkzryshdmrnh.php
https://sexonly.top/get/b978/b978sdkuyjnrhwghkhx.php
https://sexonly.top/get/b400/b400aylgrvlpasibaxi.php
https://sexonly.top/get/b594/b594brbdwcplpycisth.php
https://sexonly.top/get/b876/b876btspvjrkpfagdrr.php
https://sexonly.top/get/b179/b179llgiowrvmhnlupb.php
https://sexonly.top/get/b383/b383uuymkrcmgypvnsa.php
https://sexonly.top/get/b585/b585mltmyrincegqebv.php
https://sexonly.top/get/b530/b530pxizdzjlwaiqxkm.php
https://sexonly.top/get/b7/b7pxhctphzokdvutt.php
https://sexonly.top/get/b833/b833suryhgyiopnqlee.php
https://sexonly.top/get/b166/b166judfsyjfgzmpqpx.php
https://sexonly.top/get/b79/b79spilyfsydotqyrx.php
https://sexonly.top/get/b537/b537ygkwqvhyohijxsa.php
https://sexonly.top/get/b820/b820ivtxcmswnzjixpy.php
https://sexonly.top/get/b860/b860aleleyidoafyyyo.php
https://sexonly.top/get/b437/b437vpygakqpmuoyujs.php
https://sexonly.top/get/b827/b827wvqbxavssannjka.php
https://sexonly.top/get/b170/b170xjqwyihwemeaocb.php
https://sexonly.top/get/b221/b221yfawixsxbxszzvi.php
https://sexonly.top/get/b155/b155lytmucrqbaujyto.php
https://sexonly.top/get/b646/b646lwuhneskuolsnxy.php
https://sexonly.top/get/b687/b687kdytqsjsbtrugnv.php

#15 By 4240821 (194.226.185.83) at 10/29/2023 11:12:51 AM
https://www.google.com/maps/d/edit?mid=1Sh3upCERZx_9HBJcbz8nX8G2jsJYLiI
https://www.google.com/maps/d/edit?mid=1S5Ll0CS3U0CQrI9YLYYM_rK36UKlPGY
https://www.google.com/maps/d/edit?mid=1NnQOqTnO6-MLqppxi0Ees_YKej4vGGE
https://www.google.com/maps/d/edit?mid=1VGZB3jFEz_dyvy13EeHwCIs9c0UjzKE
https://www.google.com/maps/d/edit?mid=1O75RGTi71TeTbfd6KnbvOimfTZSYKhQ
https://www.google.com/maps/d/edit?mid=1C6tlO9gidTpHWJISTRyUrIavAYJOUuw
https://www.google.com/maps/d/edit?mid=1ffkPn32X4_KJrK96C6Uhy6YR68wdlog
https://www.google.com/maps/d/edit?mid=1lVNYeSCSQXRFmx-6ldBSTcj8yFJQUfk
https://www.google.com/maps/d/edit?mid=1JYtAQxB2_8ktXgKYKXX_BgiTAAtspfI
https://www.google.com/maps/d/edit?mid=1oOMyyEg-B3Y1x5NKzO52E1IfCfFOnus
https://www.google.com/maps/d/edit?mid=1PDHRR7yM_9wGiGhAjkEQbaO-TSPTGtA
https://www.google.com/maps/d/edit?mid=1YiNegwPZu8egPfEtrwZQhJ108Sovdrc
https://www.google.com/maps/d/edit?mid=12Z5O1AVijQKT8lJPSlguYsXi_sVk8wI
https://www.google.com/maps/d/edit?mid=1g2898PZW4sCDfO7tqGHmGMfbQc44XW4
https://www.google.com/maps/d/edit?mid=1kTIhdMrx9naBDV-N07BLAY0XTFAPBo4
https://www.google.com/maps/d/edit?mid=100tdOGvXc8OZgIBdMd8INUh_kla8eME
https://www.google.com/maps/d/edit?mid=1KBftSRvykethKigO6V6LNoUpwIijvFQ
https://www.google.com/maps/d/edit?mid=10_dMNvAchb8lIwuWeooypo7OqlTTBqg
https://www.google.com/maps/d/edit?mid=1ay0NVfChsifjNNChK_9Oh4_HhP9gmMQ
https://www.google.com/maps/d/edit?mid=1x5zraCwcrvtpUqiArdkXwyi9eaf57tc
https://www.google.com/maps/d/edit?mid=1aQxzVTYvx1DzZQrfiqw6Dy-0edroP2k
https://www.google.com/maps/d/edit?mid=1TfjjKDb6q6KF1ckt2eNSC1-nmrEGho4
https://www.google.com/maps/d/edit?mid=1eSEFxScoz9P2dgMRdp9zajzs5od9Ph8
https://www.google.com/maps/d/edit?mid=143RaerrsnnZolzoENvPMXrwDbw_SCbA
https://www.google.com/maps/d/edit?mid=1lTz_WGWnEay1pxtzdwhbZsO7GmZD484
https://www.google.com/maps/d/edit?mid=1CCkl9v9_fpPCFmEEvvPzJqfnBIQ5tIc
https://www.google.com/maps/d/edit?mid=11RHO5mSuzrHkmzVTB4N1rmKkx_xhq5E
https://www.google.com/maps/d/edit?mid=1d-J7jEhKkZFTX6-5S1Rv3ThJ2E4vOSw
https://www.google.com/maps/d/edit?mid=1qB35Df2wHmx05gHnXCcq5KpHjfu0tSw
https://www.google.com/maps/d/edit?mid=1_dZBDoOPUWJn8_EiXeKyduxBUahSbfI

#16 By 4240821 (103.151.103.150) at 10/30/2023 10:21:27 AM
https://www.quora.com/profile/SamFoltz962/Catalella_18-Lesbianalliecats-Moana-leesa-patricia-colegiala-ai-yuumi-Cher-Butler-AbbeySky-Beautyandessex
https://www.quora.com/profile/DerrickCody896/mollynicols-Eliteladyrose-Little-Bexley-camila_costa-whitebigtittygirl12-Crazynbed-YourAngel-NaomiVerified
https://www.quora.com/profile/BrookMiller188/SamanthaNMike-vickythomson-MiaTHAfreak-SushiSlut-DreamQueenV-BanksLikeTyra-srgiomraz28-electrareyna-Viol
https://www.quora.com/profile/ColleenRomero431/sharncare-Alaina-Kristar-rubythewhipped-yanks-jessica-jones-Lady-Witch-Leia-Luxe-Kreamy-Irish-VeganHots
https://www.quora.com/profile/AnaPartridge836/SkiMaskBxtch-JadeeHarlow-Jade-Sin-MILFMOMMY420-Creepitreal69-Cakedupp-BabyKhocolate-pocahontas-1-Graziel
https://www.quora.com/profile/RamonAyanbadejo764/LittleLilyCutie-angelsetfree1-2cum4more-kelirichards-Daniella-Margot-Annakitty-GisSensual-eve-marie-Evee
https://www.quora.com/profile/NicoleVenkatesh512/WinterEstelle-crystal3332804-novasinsane-Katykoxxxtx-lisacdere-MissLilahLove-smuttpuppy-SaccharoseDaddy
https://www.quora.com/profile/AnaPartridge836/SkiMaskBxtch-JadeeHarlow-Jade-Sin-MILFMOMMY420-Creepitreal69-Cakedupp-BabyKhocolate-pocahontas-1-Graziel
https://www.quora.com/profile/HollyWilliams598/TheJensensPlay-RosaGrace-lainaster-Pernocas-Ohmysweetladyn-HiddenCouple-Blondiereece217-Sarcastic-S3X-Work
https://www.quora.com/profile/TedNelson750/The-Real-Latexa-msannekadv2-bootybenz-Raincitykittyy-Destiny-Dream-Pandora-Charmie-Alilyforyou-naomi-woods

#17 By 4240821 (103.152.17.80) at 10/31/2023 5:27:32 AM
https://app.socie.com.br/AngelieFakdediestonerbby18
https://app.socie.com.br/read-blog/98303
https://app.socie.com.br/ChantelleredbridgeAngellaFaith
https://app.socie.com.br/read-blog/98265
https://app.socie.com.br/NyrobiBronze
https://app.socie.com.br/read-blog/97527
https://app.socie.com.br/TayRawWanderLusting
https://app.socie.com.br/read-blog/97887
https://app.socie.com.br/read-blog/97519
https://app.socie.com.br/sloansmoansMissMai19

#18 By 4240821 (103.151.103.150) at 10/31/2023 5:34:03 PM
https://app.socie.com.br/read-blog/97327
https://app.socie.com.br/read-blog/98872
https://app.socie.com.br/LucieWildelexiidoll
https://app.socie.com.br/read-blog/97451
https://app.socie.com.br/SugarSquirts1sexekitten69
https://app.socie.com.br/BBChaseALibraRising
https://app.socie.com.br/Alfonsina13MiaDixxon
https://app.socie.com.br/read-blog/98293
https://app.socie.com.br/read-blog/97621
https://app.socie.com.br/FazeLezzElissFire

#19 By 4240821 (62.76.146.75) at 11/1/2023 6:13:05 PM
http://activewin.com/mac/comments.asp?ThreadIndex=2099&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=75510&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=1148&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=19220&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=1013&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=72754&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=84815&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=39803&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=71082&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=83886&Group=Last

#20 By 4240821 (212.193.138.10) at 11/3/2023 9:34:37 AM
http://activewin.com/mac/comments.asp?ThreadIndex=73755&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=403&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=59304&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=75420&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=24752&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=28393&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=26068&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=72240&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=35021&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=14997&Group=Last

#21 By 4240821 (109.94.216.41) at 11/4/2023 2:45:46 PM
https://hotslutss.bdsmlr.com/post/653841551
https://hotslutss.bdsmlr.com/post/652844194
https://hotslutss.bdsmlr.com/post/658955749
https://hotslutss.bdsmlr.com/post/656191041
https://hotslutss.bdsmlr.com/post/659718494
https://hotslutss.bdsmlr.com/post/657835072
https://hotslutss.bdsmlr.com/post/652111124
https://hotslutss.bdsmlr.com/post/649318050
https://hotslutss.bdsmlr.com/post/659308535
https://hotslutss.bdsmlr.com/post/651488431

#22 By 4240821 (92.119.163.194) at 11/5/2023 2:41:47 PM
https://printable-calendar.mn.co/members/19913626
https://printable-calendar.mn.co/members/19897452
https://printable-calendar.mn.co/members/19920128
https://printable-calendar.mn.co/members/19910929
https://printable-calendar.mn.co/members/19892636
https://printable-calendar.mn.co/members/19909957
https://printable-calendar.mn.co/members/19910559
https://printable-calendar.mn.co/members/19914857
https://printable-calendar.mn.co/members/19904965
https://printable-calendar.mn.co/members/19900713

#23 By 4240821 (62.76.146.75) at 11/8/2023 5:58:43 PM
https://www.hackerearth.com/@prowadterverp1971
https://www.hackerearth.com/@fronmelesstil1983
https://www.hackerearth.com/@folgghotenpa1981
https://www.hackerearth.com/@disctredhydou1988
https://www.hackerearth.com/@welbugtdeve1972
https://www.hackerearth.com/@gradanelwrit1982
https://www.hackerearth.com/@totyhokom1987
https://www.hackerearth.com/@tromerorni1981
https://www.hackerearth.com/@hosmowhine1980
https://www.hackerearth.com/@dsidomodti1981

#24 By 4240821 (45.146.26.215) at 11/10/2023 11:44:54 AM
http://www.ttbizonline.com/pro/20231110020052
http://www.ttbizonline.com/pro/20231109184236
http://www.ttbizonline.com/pro/20231110004557
http://www.ttbizonline.com/pro/20231109231327
http://www.ttbizonline.com/pro/20231109092738
http://www.ttbizonline.com/pro/20231109085201
http://www.ttbizonline.com/pro/20231109111420
http://www.ttbizonline.com/pro/20231109055719
http://www.ttbizonline.com/pro/20231110023111
http://www.ttbizonline.com/pro/20231109162302

#25 By 4240821 (109.94.216.41) at 11/11/2023 11:05:10 AM
https://www.mddir.com/company/libby-lou-patreon-leaked/
https://www.mddir.com/company/latina_tits-patreon-leak/
https://www.mddir.com/company/blowynbeast-onlyfans-leaked/
https://www.mddir.com/company/pink-slut-onlyfans-leak/
https://www.mddir.com/company/lisa-gali-onlyfans-leak/
https://www.mddir.com/company/tikkafox-manyvids-leak/
https://www.mddir.com/company/jasperdayton-manyvids-leak/
https://www.mddir.com/company/soleflownergoddess-manyvids-leaked/
https://www.mddir.com/company/anastasia-carter-manyvids-leak/
https://www.mddir.com/company/rscoup-manyvids-leak/

Write Comment
Return to News
  Displaying 1 through 25 of 325
Last | Next
  The time now is 5:48:50 AM ET.
Any comment problems? E-mail us
User name and password:

 

  *  
  *   *