lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu Sep 22 05:28:21 2005
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu)
Subject: Google Secure Access or "How to have people
	download a trojan." 

On Wed, 21 Sep 2005 23:59:53 EDT, Ill will said:
> yea Paul we all dont know how to take 2 pre-existing flaws and mash
> them together
> with the help of others to make our so-called 'security advisories'
> and credit ourselves

What does that make Liu Die Yu's "Six Step IE Cache Remote Compromise"
count as?

And remember that there's "obvious" interaction of two flaws, and then
there's ones that rely on very non-obvious subtle magic.....
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050922/24b8bd02/attachment.bin

Powered by blists - more mailing lists