lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <40897DDC.1050400@yahoo.es>
From: zumbita00 at yahoo.es (Yofumo Mimoto)
Subject: THCIISSLame exploit - now without binary

Mark wrote:

>
> johnny cyberpunk wrote:
>
>> hi all,
>>
>> i understand now the point, what i made wrong.
>> THC has updated the website immediately and now only the *.c
>> files are available for download.
>> i really had no clue about the problem, that releasing an exploit with a
>> compiled
>> binary is same as VX code. i'm really sorry for that.
>>
>> cheers,
>> johnny cyberpunk/thc
>
>
> I just can't help to laugh at the irony in this..... With a
> binary people are limited to eploiting systems one by one.
> Now that the source is available, how long do you think it
> will take to turn this into a Slammer scale worm???

    That's a good way for people to start to show interest for security, 
and to force M$ to patch their products, as they should do.

    Thanks Johnny Cyberpunk for founding such a great bug !!


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ