| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 3 Sep 2009 01:40:54 +0200
From: exploit dev <extraexploit@...il.com>
To: Thomas Kristensen <tk@...unia.com>
Cc: full-disclosure@...ts.grok.org.uk, security@...unia.com
Subject: Re: Secunia PSI (RC3) - memory corruption
condition
Hi Thomas,
my post is not to intend for malicious activities. In report I write that is
usually for rc stage, discovery condition of this kind.
Usually these ancient bugs, IMHO, may be used for support analysis based on
binary diff using the historical releases of an application for obtain a
delta
of "critical" zone. But, again, it's only my opinion.
Thank you for your answer.
Kind regards.
On Wed, Sep 2, 2009 at 10:27 PM, Thomas Kristensen <tk@...unia.com> wrote:
> Hi,
>
> Thank you for the report.
>
> Based on the provided information, this is not a security issue (as
> securityfocus wrongfully hasted to conclude), but rather a bug (in an
> ancient
> release candidate).
>
> If you have any further details, please send those to
> security@...unia.com.
>
> --
> Kind regards,
>
> Thomas Kristensen
> CTO
>
> Secunia
> Weidekampsgade 14A
> DK-2300 Copenhagen S
> Denmark
>
> Phone: +45 7020 5144
> Fax: +45 7020 5145
>
> Looking for a vulnerability research and reversing job?
> http://secunia.com/corporate/jobs/open_positions/
>
>
> On Wed, 2009-09-02 at 21:15 +0200, exploit dev wrote:
> > Hi
> > I have detect, in some circumstance, a memory corruption issue in
> > Secunia PSI (release candidate 3).
> > The vendor was contacted without response.
> >
> > ...I know that this kind of issues in release candidate are not so
> > rare but if you are interested check:
> >
> >
> http://extraexploit.blogspot.com/2009/09/secunia-psi-rc3-undefined-memory.html
> >
> >
> > Regards
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
>
>
--
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists