| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <00f801c6528e$7232bfc0$6700a8c0@toshibauser> Date: Tue Mar 28 18:38:48 2006 From: william at lefkovics.net (William Lefkovics) Subject: re: eeye temporary patch for current IEvulnerability I trust them (almost) implicitly. As much as the original vendor. Though I suspect they have long stopped reading the content here, as it seems they are actually working. _____ From: full-disclosure-bounces@...ts.grok.org.uk [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of n3td3v Sent: Tuesday, March 28, 2006 9:14 AM To: full-disclosure@...ts.grok.org.uk Subject: Re: [Full-disclosure] re: eeye temporary patch for current IEvulnerability Unofficial patches overall just help malicious activity, and i'm not even covering system crashes through bad implementation of third party patches. Right now i've been monitoring the situation where eEye security have done the worst thing possible by allowing script kids to download an unofficial patch. eEye are a disgrace to the industry if they reckon their patch is going to help the global oprand. To me big name players like SANS, CERT etc should be publicly slamming eEye and others like it for offering a patch which will never get past the boundires of the security community and all its malicious users. I'm calling for the big name players to get behind me in making the release of third party patches by people like eEye completely unacceptable in the name of security. Its now a disgrace to me that eEye can call themselves a security company. Well maybe a security company who offers tools to aid malicious activity. As for their attempt to help legitimate users patch their systems, thats a bit of a joke isn't it, since they aren't hooked upto the millions of internet explorer users to be able to be an effective solution for legitimate users. http://groups.google.com/group/n3td3v/browse_thread/thread/a69861a3d768f39f/ 59589507866a0738#59589507866a0738 <http://groups.google.com/group/n3td3v/browse_thread/thread/a69861a3d768f39f /59589507866a0738#59589507866a0738> On 3/28/06, Jay Libove <libove@...ines.org> wrote: Has anyone applied and tested the eeye patch? Verified that it works, and that it does not do anything else? -Jay _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html <http://lists.grok.org.uk/full-disclosure-charter.html> Hosted and sponsored by Secunia - http://secunia.com/ -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060328/a9138691/attachment-0001.html
Powered by blists - more mailing lists