lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20040218200747.562A8417E@etrn.gtdinternet.com>
From: packet at vtr.net (Replugge[ROD])
Subject: Re: Second critical mremap() bug found in all Linux kernels

 Ofcourse, but leave that option to the person that is posting his research
or PoC ploits to the list,
It isn't very religious to tell him what to do in the "full-disclosure"
mailing list, the freedom to post 
is the very Spirit of this mailing list.  

Regards

Rod.-


-----Mensaje original-----
De: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] En nombre de Chris Anley
Enviado el: Mi?rcoles, 18 de Febrero de 2004 16:08
Para: Replugge[ROD]
CC: 'Paul Starzetz'; 'Christophe Devine'; full-disclosure@...ts.netsys.com
Asunto: RE: [Full-Disclosure] Re: Second critical mremap() bug found in all
Linux kernels

Full doesn't necessarily mean immediate.

<...ducks for cover...>

     -chris.

On Wed, 18 Feb 2004, Replugge[ROD] wrote:

> Isn't this the "full disclosure" mailing list?
>
> -----Mensaje original-----
> De: full-disclosure-admin@...ts.netsys.com
> [mailto:full-disclosure-admin@...ts.netsys.com] En nombre de Paul 
> Starzetz Enviado el: Mi?rcoles, 18 de Febrero de 2004 11:52
> Para: Christophe Devine
> CC: full-disclosure@...ts.netsys.com
> Asunto: Re: [Full-Disclosure] Re: Second critical mremap() bug found 
> in all Linux kernels
>
> On Wed, 18 Feb 2004, Christophe Devine wrote:
>
> >This PoC exploit can be used to check if a Linux system is vulnerable 
> >to the second do_mremap() bug; the code has only been tested on Linux 
> >version 2.4.22 so far
>
> please do not post any exploit code(s) before a proper grace period.
>
> --
> Paul Starzetz
> iSEC Security Research
> http://isec.pl/
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ