lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <200811040127.mA41Rmpi016981@faron.mitre.org>
Date: Mon, 3 Nov 2008 20:27:48 -0500 (EST)
From: "Steven M. Christey" <coley@...re.org>
To: bugtraq@...urityfocus.com
Subject: Re: [Full-disclosure] Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day


Adrian P said:

>Regarding the paper, well, it can be useful for people who want to
>find a similar issue in their firewall/proxy appliances. Don't you
>think?

Aleph One's paper on stack smashing, Tim Newsham's on format strings,
Shaun Clowes' on PHP issues - not to mention a bunch of others -
demonstrate how successful a white paper can be for raising widespread
awareness about an issue.  Aleph One was hardly the first to discover
and exploit buffer overflows, but few would disagree about how
important his paper was to the industry.

- Steve

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ