lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 1 Oct 2010 22:11:31 +0200 From: "HI-TECH ." <isowarez.isowarez.isowarez@...glemail.com> To: Benji <me@...ji.com> Cc: full-disclosure@...ts.grok.org.uk Subject: Re: full disclosure my dear (Microsoft IIS 6.0 Denial of Service) Hello list, looks like this bug is covered by MS10-065 ('IIS Repeated Parameter Request Denial of Service Vulnerability') as tests by VUPEN have shown. from vupen on twitter: "We analyzed the MS IIS 0day disclosed by @kingcope and we confirmed that it is NOT a 0D. This is the DoS fixed in MS10-065" I personally have looked into MS10-065 by binary diffing but was unaware that the PoC exploits the same bug. Now at least you can test your server for the bug. Thanks to vupen for pointing this out. Regards, Kingcope 2010/10/1 Benji <me@...ji.com> > > geeks - the only ones that could ever possibly care about a DOS. > > On Fri, Oct 1, 2010 at 10:23 AM, Jacky Jack <jacksonsmth698@...il.com> wrote: > > Are you trying to Pwn$$$$$ G33ks here? > > > > > > On Fri, Oct 1, 2010 at 8:41 AM, HI-TECH . > > <isowarez.isowarez.isowarez@...glemail.com> wrote: > >> vulnerability description is attached to this email. > >> > >> /Kingcope > >> > >> _______________________________________________ > >> Full-Disclosure - We believe in it. > >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html > >> Hosted and sponsored by Secunia - http://secunia.com/ > >> > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - http://secunia.com/ > > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists