lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 03 May 2004 22:42:38 -0400 From: Jason <security@...enik.com> To: Javier Fernandez-Sanguino <jfernandez@...minus.com> Cc: Ben Ryan <ben@...c.edu.au>, NTBUGTRAQ@...TSERV.NTBUGTRAQ.COM, bugtraq@...urityfocus.com, full-disclosure@...ts.netsys.com Subject: Re: Re: New LSASS-based worm finally here (Sasser) Javier Fernandez-Sanguino wrote: [...] > > [1] Approaching the record of worms in other OS, which, I believe, is > held by Scalper (10 days from patch to worm). But hey, they could browse > the source changes for that one. > It did not attack an OS directly but I believe the witty worm [1] holds the record to date. A 1 day window from advisory to release, it attacked and destroyed a security component that was supposed to protect against these issues... [1] - http://www.caida.org/analysis/security/witty/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists