| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu Jan 19 23:05:24 2006 From: ad at heapoverflow.com (ad@...poverflow.com) Subject: Security Bug in MSVC -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 not up to you. redsand wrote: > > > like selling all my M$ Excel exploits > > ad@...poverflow.com wrote: > > and me I think most FD members are desesperate of such newcomer > comments, you have nothing to say interesting about his work he's > doing before you were born. > > redsand wrote: > > >>>> i think the author of this advisory is desperate for >>>> advisories or attention. >>>> >>>> either way he needs to open a disassembler and work on >>>> something else. >>>> >>>> Pavel Kankovsky wrote: >>>> >>>> >>>>> On Tue, 17 Jan 2006, Morning Wood wrote: >>>>> >>>>> >>>>> >>>>> >>>>>> extract, and open hello.dsw click "batch build, build" or >>>>>> "rebuild all" code will execute ( calc.exe and >>>>>> notepad.exe used as an example ) >>>>>> >>>>>> >>>>> What's the point of building a bunch of sources unless 1. >>>>> you trust their author, or 2. you have made sure their is >>>>> nothing malicious there? >>>>> >>>>> When you build an executable from untrusted sources, you >>>>> get an untrusted executable. Either you run it and you're >>>>> screwed anyway, or you don't run it and you wasted your >>>>> time building it. >>>>> >>>>> >>>>> (Indeed, there are some marginal cases like when you want >>>>> to build an executable file intended to run on someone >>>>> else's computer...) >>>>> >>>>> --Pavel Kankovsky aka Peak [ Boycott >>>>> Microsoft--http://www.vcnet.com/bms ] "Resistance is >>>>> futile. Open your source code and prepare for >>>>> assimilation." >>>>> >>>>> _______________________________________________ >>>>> Full-Disclosure - We believe in it. Charter: >>>>> http://lists.grok.org.uk/full-disclosure-charter.html >>>>> Hosted and sponsored by Secunia - http://secunia.com/ >>>>> >>>>> >>>>> >>>> _______________________________________________ >>>> Full-Disclosure - We believe in it. Charter: >>>> http://lists.grok.org.uk/full-disclosure-charter.html Hosted >>>> and sponsored by Secunia - http://secunia.com/ >>>> >>>> >>>> >>>> > > 7 >>> > >>> > > > > > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (MingW32) iQIVAwUBQ9AbAK+LRXunxpxfAQKNyhAAhtQnjmz90rgrBCOwHHuSkMaRtszPbIv3 DkE0u0reWJLkqXmGUEPJ1KZ3IvxYIbwOTT2qfSFwJYRytu9vhhgNTkOPbezq98Gu SwSsSgBkC1bKzxuRsta9ChUdBg/ajoKJ5tw7xOxtgMhfNWkbx5iDsu8jCN20NuJQ pdF5Vds49jlpv3Bu1aUcmDDbI9jPGEtxWP8ZiX7OT3WTJTl8LtE6WmUMQ73J4msL 6rb3bfJod827jCxGMoYxhL4PV9kpIYSzwmkjXjcNw4Kou3MTqfUAXVaWd82cyfq2 cRhCBhwcYQXoCMV9H8uk/HoNLhlJMUSCA1WPyTApXe3QDokhUWVMrzkGB1fcgJVF 3yoXaQ1faIdK7wT1r185p/MH0FQsPDhJlHfrF9KbetVX7+6JnWG1sNrLIqVZP2ss 5Pvvevc06UjYmNJ4OhwdfdCoFYRFBX+Ibd60wTmr5zEweBE/z69bUKeQXBrU9sDj Ep0dtVOIl2aSkE+n+FnEtquaWz+JQWEBDh+IS666BKXutcKWjTYV5rF1jkcC6nNX TVm5Cyg7FL6oTWtRzR/6Cdi3+NNWRSu/E9pCdSuNatYP+IL1+22y5Ge6TQkPkBVp 8HzCBggh1Tnwy6qnxMbt+yJw4Aq7Eqf02dwlYA0Nup47V0OQ5eutiInG0CINxt0d 3dq8HxbaM80= =AXCW -----END PGP SIGNATURE-----
Powered by blists - more mailing lists