lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Wed, 04 Oct 2006 13:37:18 -0500
From: Mailinglists Address <mailinglist@...resshosting.net>
To: bugtraq@...urityfocus.com
Subject: Re: zero-day flaws in Firefox: about 30 unpatched Firefox flaws

According to this article it was a hoax... So who is telling the truth,
and what sort of fall out will come from this?

http://www.betanews.com/article/Firefox_Flaw_a_Hoax_Admits_Speaker/1159903320

Tom Walsh

ragan@...il.com wrote:
> http://news.com.com/2100-1002_3-6121608.html?part=rss&tag=6121608&subj=news
>
> An attacker could commandeer a computer running the browser simply by crafting a Web page that contains some malicious JavaScript code, Mischa Spiegelmock and Andrew Wbeelsoi said in a presentation at the ToorCon hacker conference here. The flaw affects Firefox on Windows, Apple Computer's Mac OS X and Linux, they said.
>
> The hackers claim they know of about 30 unpatched Firefox flaws. They don't plan to disclose them, instead holding on to the bugs.
>
> "I do hope you guys change your minds and decide to report the holes to us and take away $500 per vulnerability instead of using them for botnets," Ruderman said.
>
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ