[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <3D874BA9.7080508@guninski.com>
From: guninski at guninski.com (Georgi Guninski)
Subject: http://security.tombom.co.uk/moreshatter.html
CC'ing secure@...rosoft.com to throw some light on this.
secure@...rosoft.com:
Are you taking this seriously? Really really seriously?
Or are some application writers irresponsibly writing insecure code which opens
windows on windows - like in "net send 127.0.0.1 lol" ?
Georgi Guninski
http://www.guninski.com
Schmehl, Paul L wrote:
> Interesting. I had a lengthy email argument with a MS rep about
> shatter. He swore up and down that it wasn't a MS problem, but a bad
> applications programmer problem. He finally grudgingly admitted that MS
> probably shouldn't make it so easy to be a bad applications programmer
> and said he would forward my concerns to MS Security. Maybe now they'll
> actually take the issue seriously (yeah, right!)
>
> Paul Schmehl (pauls@...allas.edu)
> Department Coordinator
> The University of Texas at Dallas
> AVIEN Founding Member
> http://www.utdallas.edu/~pauls/
>
>
>
>>-----Original Message-----
>>From: Georgi Guninski [mailto:guninski@...inski.com]
>>Sent: Tuesday, September 17, 2002 4:56 AM
>>To: full-disclosure@...ts.netsys.com
>>Subject: [Full-Disclosure]
>>http://security.tombom.co.uk/moreshatter.html
>>
>>
>>http://security.tombom.co.uk/moreshatter.html
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>
Powered by blists - more mailing lists