lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <3D874BA9.7080508@guninski.com>
From: guninski at guninski.com (Georgi Guninski)
Subject: http://security.tombom.co.uk/moreshatter.html

CC'ing secure@...rosoft.com to throw some light on this.
secure@...rosoft.com:
Are you taking this seriously? Really really seriously?
Or are some application writers irresponsibly writing insecure code which opens 
windows on windows - like in "net send 127.0.0.1 lol" ?

Georgi Guninski
http://www.guninski.com


Schmehl, Paul L wrote:
> Interesting.  I had a lengthy email argument with a MS rep about
> shatter.  He swore up and down that it wasn't a MS problem, but a bad
> applications programmer problem.  He finally grudgingly admitted that MS
> probably shouldn't make it so easy to be a bad applications programmer
> and said he would forward my concerns to MS Security.  Maybe now they'll
> actually take the issue seriously (yeah, right!)
> 
> Paul Schmehl (pauls@...allas.edu)
> Department Coordinator
> The University of Texas at Dallas
> AVIEN Founding Member
> http://www.utdallas.edu/~pauls/
> 
> 
> 
>>-----Original Message-----
>>From: Georgi Guninski [mailto:guninski@...inski.com] 
>>Sent: Tuesday, September 17, 2002 4:56 AM
>>To: full-disclosure@...ts.netsys.com
>>Subject: [Full-Disclosure] 
>>http://security.tombom.co.uk/moreshatter.html
>>
>>
>>http://security.tombom.co.uk/moreshatter.html
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
> 
> 



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ