[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <ea7eb11a05092208327724a9e5@mail.gmail.com>
Date: Thu Sep 22 16:32:20 2005
From: pvnick at gmail.com (Paul Nickerson)
Subject: Google Secure Access or "How to have people
download a trojan."
Not to mention I was the one who found those two particular flaws, which
essentially make use of the same bug, in the first place ;-) (i.e.
http://greyhatsecurity.org/longnamevuln-discussion.htm)
Regards,
Paul
Greyhats Security
http://greyhatsecurity.org
On 9/22/05, Valdis.Kletnieks@...edu <Valdis.Kletnieks@...edu> wrote:
>
> On Wed, 21 Sep 2005 23:59:53 EDT, Ill will said:
> > yea Paul we all dont know how to take 2 pre-existing flaws and mash
> > them together
> > with the help of others to make our so-called 'security advisories'
> > and credit ourselves
>
> What does that make Liu Die Yu's "Six Step IE Cache Remote Compromise"
> count as?
>
> And remember that there's "obvious" interaction of two flaws, and then
> there's ones that rely on very non-obvious subtle magic.....
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050922/b9b84ddb/attachment.html
Powered by blists - more mailing lists