lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-Id: <200708012146.32137.werner@yellowcouch.org>
Date: Wed, 1 Aug 2007 21:46:28 +0200
From: Werner Van Belle <werner@...lowcouch.org>
To: bugtraq@...urityfocus.com
Cc: bugtraq@...ph3us.org
Subject: Re: [BuHa-Security] Winamp 5.35 (Infinite) M3U File Inclusion Stack Overflow

> How would you name it? "Winamp 5.35 (Infinite) M3U File Inclusion Stack
> Overflow Exception"?

I actually agree with the original poster. A stack overflow in a client side 
program such as winamp could hardly be labeled 'denial of service'. A user 
program is in general not 'a service'. With your definition every segfault 
could be labeled 'denial of service'.

In any case, I liked your new title much better because it is more accurate 
and does not sound as threatening to server administrators as your original 
one :)

With kind regards,

-- 
Dr. Werner Van Belle
http://werner.yellowcouch.org/

Download attachment "signature.asc " of type "application/pgp-signature" (190 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ