lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <3F3AD15D.4774.5249AFE7@localhost>
From: nick at virus-l.demon.co.uk (Nick FitzGerald)
Subject: DameWare Mini-RC Shatter

The wood-ster wrote:

> i would assume that any command you can type localy
>  is available as this is a remote control product ( trojan )
> ie: this is a feature, not a flaw?

D'oh!

Did you not read the whole advisory?

We know you like Dameware from earlier messages of yours, so I'll try 
to make this really easy for you...

Here's a hint -- I've snipped away everything from the original 
advisory other than the part even you should be able to understand:

> > 5) Vendor status/notes/fixes/statements
> >
> >    Dameware Development has repaired all current known vulnerabilities.
> >
> >    Dameware Development will continue researching and developing
> alternate
> >    development methods to ensure their software remains secure.
> >
> >    A fix is available from Dameware Development by downloading version
> >    3.71.0.0 or later from their website.[1]

Now, do you think that Dameware folk would "fix" a "feature"?

Did you even think?

Please stop littering our mailboxes with your ill-considered 
dribblings.  Please...


Regards,

Nick FitzGerald


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ