| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <41991396.9080402@immunitysec.com> Date: Mon, 15 Nov 2004 15:37:42 -0500 From: Dave Aitel <dave@...unitysec.com> To: joe <mvp@...ware.net> Cc: "'Michal Zalewski'" <lcamtuf@...ttot.org>, "'Berend-Jan Wever'" <skylined@...p.tudelft.nl>, full-disclosure@...ts.netsys.com, bugtraq@...urityfocus.com Subject: Re: MSIE src&name property disclosure That's a good question for your Microsoft sales rep. If you want technical details, Immunity has a working and reliable Wins exploit in the Vulnerability Sharing Club version of CANVAS. I think there's an interesting difference between how the Linux community handled the recent kernel bugs, and how Microsoft and other commercial vendors handle all bugs. Dave Aitel Immunity, Inc. joe wrote: >How is it an example? > >-----Original Message----- >From: full-disclosure-admin@...ts.netsys.com >[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Dave Aitel >Sent: Monday, November 08, 2004 9:49 AM >To: Michal Zalewski >Cc: Berend-Jan Wever; full-disclosure@...ts.netsys.com; >bugtraq@...urityfocus.com >Subject: Re: [Full-Disclosure] MSIE src&name property disclosure > ><SNIP> >WINS is a classic example. ><SNIP> > >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.netsys.com/full-disclosure-charter.html > > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists