lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
From: guninski at guninski.com (Georgi Guninski)
Subject: New MyDoom exploiting IFRAME

microsoft are acting "responsibly", following "commonly accepted practice"
[1].
they are masters of managing "responsibility" - just check their EULAs.
but why their management don't declare "sickurity - top priority"?

-- 
georgi

1. http://news.com.com/Exploit+code+makes+IE+flaw+more+dangerous/2100-1002_3-5439370.html

On Tue, Nov 09, 2004 at 10:14:08PM +0000, n3td3v wrote:
> On Tue, 9 Nov 2004 11:08:26 +0100 (CET), Berend-Jan Wever
> <skylined@...p.tudelft.nl> wrote:
> > Hi all,
> > 
> > There's a new MyDoom variant exploiting the IFRAME issue 
> 
> The worst problem with this is microsoft have not announced a patch
> for the exploit which the virii exploits, so this is wild in every
> description of the word "wild". (unless i was cross-minded with a
> seperate recently unleashed virii)
> 
> Further remarks on this subject would be useful....
> 
> 
> Thanks, n3td3v
> 
> http://www.geocities.com/n3td3v
> 
> I'm a security enthusiast
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ