lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20040226190508.25FC94081@etrn.gtdinternet.com>
From: packet at vtr.net (Replugge[ROD])
Subject: What's wrong with this picture?

 The fact that exploit code is made available after the patch is released,
is probably because the researchers
Made the vulnerability publicly available at same time as the patch was
released, otherwise MS wouldnt give
Credit to the researchers for the vuln.

Rgds

Rod.-

-----Mensaje original-----
De: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] En nombre de
Valdis.Kletnieks@...edu
Enviado el: Jueves, 26 de Febrero de 2004 14:38
Para: bugtraq@...urityfocus.com; full-disclosure@...ts.netsys.com
Asunto: [Full-Disclosure] What's wrong with this picture?

Somebody want to explain to this guy that there's a difference between
"publicly available" exploits and 0-day exploits circulating in the
underground?

http://news.bbc.co.uk/1/hi/technology/3485972.stm

Scary part is that he's a high honcho at Microsoft's security unit.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ