| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu) Subject: Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL From Internet Explorer On Mon, 09 Feb 2004 20:23:07 GMT, first last <randnut@...mail.com> said: > This is OLD news. Where have you been? It's been used for as long as > LoadLibrary has existed by programs monitoring other programs. There are > dozens of other ways of reading data from another program before and after > data is encrypted/decrypted. I could write a dozen similar advisories and > post them here and to BugTraq but I won't because they're OLD news. We need somebody to volunteer to keep an "old news" webpage with all this stuff listed,and put the URL in the monthly charter posting. Then when people post old rediscovered stuff, we can just say 'RTFM' ;) Has anybody noticed a rise/drop in re-reports of old IE bugs since Thor took his 'known unpatched vulns' page down? -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 226 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040209/2997b523/attachment.bin
Powered by blists - more mailing lists